UBUNTU-CVE-2019-2053

Source
https://ubuntu.com/security/CVE-2019-2053
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2019/UBUNTU-CVE-2019-2053.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2019-2053
Upstream
  • CVE-2019-2053
Published
2019-05-08T17:29:00Z
Modified
2025-10-24T04:47:23Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
  • Ubuntu - negligible
Summary
[none]
Details

In wnmparseneighborreportelem of wnm_sta.c, there is a possible out-of-bounds read due to missing bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android-7.0 Android-7.1.1 Android-7.1.2 Android-8.0 Android-8.1 Android-9 Android ID: A-122074159

References

Affected packages

Ubuntu:Pro:14.04:LTS / wpa

Package

Name
wpa
Purl
pkg:deb/ubuntu/wpa@2.1-0ubuntu1.7+esm5?arch=source&distro=esm-infra-legacy/trusty

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

1.*
1.0-3ubuntu2
1.0-3ubuntu3
1.0-3ubuntu4
2.*
2.1-0ubuntu1
2.1-0ubuntu1.1
2.1-0ubuntu1.2
2.1-0ubuntu1.3
2.1-0ubuntu1.4
2.1-0ubuntu1.5
2.1-0ubuntu1.6
2.1-0ubuntu1.7
2.1-0ubuntu1.7+esm1
2.1-0ubuntu1.7+esm2
2.1-0ubuntu1.7+esm3
2.1-0ubuntu1.7+esm4
2.1-0ubuntu1.7+esm5

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "hostapd",
            "binary_version": "1:2.1-0ubuntu1.7+esm5"
        },
        {
            "binary_name": "wpagui",
            "binary_version": "2.1-0ubuntu1.7+esm5"
        },
        {
            "binary_name": "wpasupplicant",
            "binary_version": "2.1-0ubuntu1.7+esm5"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2019/UBUNTU-CVE-2019-2053.json"

Ubuntu:16.04:LTS / wpa

Package

Name
wpa
Purl
pkg:deb/ubuntu/wpa@2.4-0ubuntu6.8+esm1?arch=source&distro=xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*
2.4-0ubuntu3
2.4-0ubuntu4
2.4-0ubuntu5
2.4-0ubuntu6
2.4-0ubuntu6.2
2.4-0ubuntu6.3
2.4-0ubuntu6.4
2.4-0ubuntu6.5
2.4-0ubuntu6.6
2.4-0ubuntu6.7
2.4-0ubuntu6.8
2.4-0ubuntu6.8+esm1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "hostapd",
            "binary_version": "1:2.4-0ubuntu6.8+esm1"
        },
        {
            "binary_name": "wpagui",
            "binary_version": "2.4-0ubuntu6.8+esm1"
        },
        {
            "binary_name": "wpasupplicant",
            "binary_version": "2.4-0ubuntu6.8+esm1"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2019/UBUNTU-CVE-2019-2053.json"

Ubuntu:18.04:LTS / wpa

Package

Name
wpa
Purl
pkg:deb/ubuntu/wpa@2:2.6-15ubuntu2.8+esm1?arch=source&distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

2.*
2.4-0ubuntu10
2:2.*
2:2.4-1.1ubuntu1
2:2.6-15ubuntu1
2:2.6-15ubuntu2
2:2.6-15ubuntu2.1
2:2.6-15ubuntu2.2
2:2.6-15ubuntu2.3
2:2.6-15ubuntu2.4
2:2.6-15ubuntu2.5
2:2.6-15ubuntu2.6
2:2.6-15ubuntu2.7
2:2.6-15ubuntu2.8
2:2.6-15ubuntu2.8+esm1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "hostapd",
            "binary_version": "2:2.6-15ubuntu2.8+esm1"
        },
        {
            "binary_name": "wpagui",
            "binary_version": "2:2.6-15ubuntu2.8+esm1"
        },
        {
            "binary_name": "wpasupplicant",
            "binary_version": "2:2.6-15ubuntu2.8+esm1"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2019/UBUNTU-CVE-2019-2053.json"