UBUNTU-CVE-2019-9233

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2019-9233

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2019/UBUNTU-CVE-2019-9233.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2019-9233

Upstream

CVE-2019-9233

Published

2019-09-27T19:15:00Z

Modified

2025-10-24T04:47:32Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Ubuntu - low

Summary

[none]

Details

In wpasupplicant8, there is a possible out of bounds read due to an incorrect bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: AndroidVersions: Android-10Android ID: A-122529021

References

Affected packages

Ubuntu:18.04:LTS / wpa

Package

Name: wpa
Purl: pkg:deb/ubuntu/wpa@2:2.6-15ubuntu2.8+esm1?arch=source&distro=bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2.*

2.4-0ubuntu10

2:2.*

2:2.4-1.1ubuntu1

2:2.6-15ubuntu1

2:2.6-15ubuntu2

2:2.6-15ubuntu2.1

2:2.6-15ubuntu2.2

2:2.6-15ubuntu2.3

2:2.6-15ubuntu2.4

2:2.6-15ubuntu2.5

2:2.6-15ubuntu2.6

2:2.6-15ubuntu2.7

2:2.6-15ubuntu2.8

2:2.6-15ubuntu2.8+esm1

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "2:2.6-15ubuntu2.8+esm1",
            "binary_name": "hostapd"
        },
        {
            "binary_version": "2:2.6-15ubuntu2.8+esm1",
            "binary_name": "wpagui"
        },
        {
            "binary_version": "2:2.6-15ubuntu2.8+esm1",
            "binary_name": "wpasupplicant"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2019/UBUNTU-CVE-2019-9233.json"

Ubuntu:20.04:LTS / wpa

Package

Name: wpa
Purl: pkg:deb/ubuntu/wpa@2:2.9-1ubuntu4.6?arch=source&distro=focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

2:2.*

2:2.9-1ubuntu2

2:2.9-1ubuntu3

2:2.9-1ubuntu4

2:2.9-1ubuntu4.1

2:2.9-1ubuntu4.2

2:2.9-1ubuntu4.3

2:2.9-1ubuntu4.4

2:2.9-1ubuntu4.6

Ecosystem specific

{
    "binaries": [
        {
            "binary_version": "2:2.9-1ubuntu4.6",
            "binary_name": "hostapd"
        },
        {
            "binary_version": "2:2.9-1ubuntu4.6",
            "binary_name": "wpagui"
        },
        {
            "binary_version": "2:2.9-1ubuntu4.6",
            "binary_name": "wpasupplicant"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2019/UBUNTU-CVE-2019-9233.json"