PublicDateAtUSN: 2020-09-11 00:00:00 UTC
Candidate: CVE-2020-14392
PublicDate: 2020-09-16 13:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14392
 https://ubuntu.com/security/notices/USN-4503-1
Description:
 An untrusted pointer dereference flaw was found in Perl-DBI < 1.643. A
 local attacker who is able to manipulate calls to dbd_db_login6_sv() could
 cause memory corruption, affecting the service's availability.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
Priority: medium
Discovered-by:
Assigned-to: leosilva
CVSS:
 nvd: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H [5.5 MEDIUM]


Patches_libdbi-perl:
 upstream: https://github.com/perl5-dbi/dbi/commit/ea99b6aafb437db53c28fd40d5eafbe119cd66e1
upstream_libdbi-perl: released (1.643-1)
precise/esm_libdbi-perl: released (1.616-1ubuntu0.1)
trusty_libdbi-perl: ignored (out of standard support)
trusty/esm_libdbi-perl: released (1.630-1ubuntu0.1~esm1)
xenial_libdbi-perl: released (1.634-1ubuntu0.1)
esm-infra/xenial_libdbi-perl: released (1.634-1ubuntu0.1)
bionic_libdbi-perl: released (1.640-1ubuntu0.1)
focal_libdbi-perl: not-affected (1.643-1)
devel_libdbi-perl: not-affected