Lucene search

K
ubuntucveUbuntu.comUB:CVE-2019-8936
HistoryMay 15, 2019 - 12:00 a.m.

CVE-2019-8936

2019-05-1500:00:00
ubuntu.com
ubuntu.com
19
ntp version 4.2.8p12
null pointer dereference
cve-2018-7182 fix

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.112

Percentile

95.3%

NTP through 4.2.8p12 has a NULL Pointer Dereference.

Bugs

Notes

Author Note
leosilva issue was introduced with the fix from CVE-2018-7182
OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchntp< 1:4.2.8p10+dfsg-5ubuntu7.3UNKNOWN
ubuntu20.04noarchntp< 1:4.2.8p12+dfsg-3ubuntu4.20.04.1UNKNOWN
ubuntu20.10noarchntp< 1:4.2.8p12+dfsg-3ubuntu4.20.10.1UNKNOWN
ubuntu21.04noarchntp< 1:4.2.8p12+dfsg-3ubuntu4.1UNKNOWN
ubuntu21.10noarchntp< 1:4.2.8p12+dfsg-3ubuntu6UNKNOWN
ubuntu22.04noarchntp< 1:4.2.8p12+dfsg-3ubuntu6UNKNOWN

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.112

Percentile

95.3%