what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 12 of 12 RSS Feed

CVE-2019-18874

Status Candidate

Overview

psutil (aka python-psutil) through 5.6.5 can have a double free. This occurs because of refcount mishandling within a while or for loop that converts system data into a Python object.

Related Files

Red Hat Security Advisory 2022-5070-01
Posted Aug 10, 2022
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2022-5070-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.11.0. Issues addressed include denial of service, out of bounds read, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2018-25032, CVE-2019-13750, CVE-2019-13751, CVE-2019-17594, CVE-2019-17595, CVE-2019-18218, CVE-2019-18874, CVE-2019-19603, CVE-2019-20838, CVE-2019-5827, CVE-2020-13435, CVE-2020-14155, CVE-2020-24370, CVE-2020-28493
SHA-256 | e7b215852adbc1951046d56f7036f6b75803672b4422c7ce6cb43592abad6003
Red Hat Security Advisory 2021-4324-02
Posted Nov 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4324-02 - psutil is a module providing an interface for retrieving information on all running processes and system utilization in a portable way by using Python. Issues addressed include a double free vulnerability.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2019-18874
SHA-256 | d5d02c975f45500c5739c50522cbddf275e63c129c6f1ccfa611f7858d833956
Red Hat Security Advisory 2021-4162-05
Posted Nov 10, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-4162-05 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include code execution, cross site scripting, denial of service, double free, information leakage, and traversal vulnerabilities.

tags | advisory, denial of service, vulnerability, code execution, xss, python
systems | linux, redhat
advisories | CVE-2019-18874, CVE-2020-28493, CVE-2021-20095, CVE-2021-23336, CVE-2021-28957, CVE-2021-29921, CVE-2021-33503, CVE-2021-3426, CVE-2021-3572, CVE-2021-42771
SHA-256 | e213dc130fe6c0f9ceeb6dbc6201ba34dd61a302b188cea3f4e8ad9fc8057754
Red Hat Security Advisory 2021-1313-01
Posted Apr 22, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-1313-01 - Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. Issues addressed include double free, information leakage, and remote SQL injection vulnerabilities.

tags | advisory, remote, vulnerability, sql injection
systems | linux, redhat
advisories | CVE-2017-2662, CVE-2019-18874, CVE-2020-11612, CVE-2020-14335, CVE-2020-25633, CVE-2020-9402
SHA-256 | 27f926f5aa6dc020146bbe82a0e986564870461f6b710ded0e468168538e2d5c
Red Hat Security Advisory 2020-5249-01
Posted Nov 30, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-5249-01 - Fixed two jQuery vulnerabilities Improved Ansible Tower's web service configuration to allow for processing more simultaneous HTTP requests by default Updated several dependencies of Ansible Tower's User Interface to address Updated to the latest version of python-psutil to address CVE-2019-18874 Added several optimizations to improve performance for a variety of high-load simultaneous job launch use cases Fixed workflows to no longer prevent certain users from being able to edit approval nodes Fixed confusing behavior for social auth logins across distinct browser tabs Fixed launching of Job Templates that use prompt-at-launch Ansible Vault credentials. Issues addressed include code execution and cross site scripting vulnerabilities.

tags | advisory, web, vulnerability, code execution, xss, python
systems | linux, redhat
advisories | CVE-2019-18874, CVE-2020-11022, CVE-2020-11023, CVE-2020-7676, CVE-2020-7720, CVE-2020-7743
SHA-256 | 110dd18b4efb16ae0c10f48cfdb06ff0615e9ae0e93f088c11b253e73a4fd781
Red Hat Security Advisory 2020-4299-01
Posted Oct 21, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4299-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include crlf injection, denial of service, and double free vulnerabilities.

tags | advisory, denial of service, vulnerability, python
systems | linux, redhat
advisories | CVE-2019-18874, CVE-2019-20907, CVE-2020-14422, CVE-2020-26116, CVE-2020-26137
SHA-256 | 68d399ed7e240bb3ab98c139304e5b93c1566ee5d259b9c3fa61f7327e6d6b4b
Red Hat Security Advisory 2020-4255-01
Posted Oct 14, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4255-01 - Updated python-psutil version to 5.6.6 inside ansible-runner container. Issues addressed include a double free vulnerability.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2017-12652, CVE-2018-20843, CVE-2019-11719, CVE-2019-11727, CVE-2019-11756, CVE-2019-12450, CVE-2019-12749, CVE-2019-14822, CVE-2019-14866, CVE-2019-14973, CVE-2019-15903, CVE-2019-16935, CVE-2019-17006, CVE-2019-17023, CVE-2019-17498, CVE-2019-17546, CVE-2019-18874, CVE-2019-19126, CVE-2019-19956, CVE-2019-20386, CVE-2019-20388, CVE-2019-5094, CVE-2019-5188, CVE-2019-5482, CVE-2020-12243, CVE-2020-12400, CVE-2020-1240
SHA-256 | 5fa2b0edd19c548995fa81b56ae17dd75bbbcf0b7a9fd43d5777ad177066c16a
Red Hat Security Advisory 2020-4254-01
Posted Oct 14, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-4254-01 - Updated python-psutil version to 5.6.6 inside ansible-runner container. Issues addressed include a double free vulnerability.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2017-12652, CVE-2018-20843, CVE-2019-11719, CVE-2019-11727, CVE-2019-11756, CVE-2019-12450, CVE-2019-12749, CVE-2019-14822, CVE-2019-14866, CVE-2019-14973, CVE-2019-15903, CVE-2019-16935, CVE-2019-17006, CVE-2019-17023, CVE-2019-17498, CVE-2019-17546, CVE-2019-18874, CVE-2019-19126, CVE-2019-19956, CVE-2019-20386, CVE-2019-20388, CVE-2019-5094, CVE-2019-5188, CVE-2019-5482, CVE-2020-12243, CVE-2020-12400, CVE-2020-1240
SHA-256 | 95b6f149ed6564a7dba27bae8b6b98f52d801a1eb8ced363663ee391a124f69c
Red Hat Security Advisory 2020-2593-01
Posted Jul 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2593-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a double free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-18874
SHA-256 | 5a75568a9901fe196baea3f4b03a0b40e08d6d6ed52bdeb5c0e77f9d0e39d7d0
Red Hat Security Advisory 2020-2635-01
Posted Jun 23, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2635-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a double free vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2019-18874
SHA-256 | 14bd30cfa9b2222884a210dc818ef22cd2863bafc1044e8c57af16be083535a7
Red Hat Security Advisory 2020-2583-01
Posted Jun 23, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-2583-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include code execution and double free vulnerabilities.

tags | advisory, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2019-18874
SHA-256 | 1d23ade26a307c42c305bad4a55337a7b1a795f0a3383c6ead3f65bd966afdc7
Ubuntu Security Notice USN-4204-1
Posted Nov 28, 2019
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4204-1 - Riccardo Schirone discovered that psutil incorrectly handled certain reference counting operations. An attacker could use this issue to cause psutil to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-18874
SHA-256 | adc7ec85d31f5349a8be376afe8cf08edc4acfe1a9f39099e09b041b7b93cb51
Page 1 of 1
Back1Next

File Archive:

December 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    2 Files
  • 2
    Dec 2nd
    12 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    14 Files
  • 6
    Dec 6th
    18 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close