Candidate: CVE-2018-19416
PublicDate: 2018-11-21 20:29:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-19416
Description:
 An issue was discovered in sysstat 12.1.1. The remap_struct function in
 sa_common.c has an out-of-bounds read during a memmove call, as
 demonstrated by sadf.
Ubuntu-Description:
Notes:
Bugs:
 https://github.com/sysstat/sysstat/issues/196
 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914384
Priority: low
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H [7.8 HIGH]


Patches_sysstat:
 upstream: https://github.com/sysstat/sysstat/commit/fbc691eaaa10d0bcea6741d5a223dc3906106548
upstream_sysstat: needs-triage
precise/esm_sysstat: not-affected (code not present)
trusty_sysstat: not-affected (code not present)
trusty/esm_sysstat: not-affected (code not present)
xenial_sysstat: not-affected (code not present)
esm-infra/xenial_sysstat: not-affected (code not present)
bionic_sysstat: not-affected (code not present)
cosmic_sysstat: ignored (reached end-of-life)
disco_sysstat: ignored (reached end-of-life)
eoan_sysstat: released (12.0.3-1)
devel_sysstat: released (12.0.3-1)