CVE-2019-2180
Published: 5 September 2019
In ippSetValueTag of ipp.c in Android 8.0, 8.1 and 9, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure from the printer service with no additional execution privileges needed. User interaction is not needed for exploitation.
Notes
| Author | Note |
|---|---|
| mdeslaur | this CVE is for the "Fixed IPP buffer overflow (rdar://50035411)" part of the commit This was fixed in bionic by CVE-2019-86xx.patch |
| ccdm94 | This issue was fixed by CVE-2019-86xx.patch in xenial as well. USN-4105-1 contains more information on the fix. |
Priority
Status
| Package | Release | Status |
|---|---|---|
|
cups Launchpad, Ubuntu, Debian |
bionic |
Released
(2.2.7-1ubuntu2.7)
|
| focal |
Not vulnerable
(2.3.1-9ubuntu1.1)
|
|
| groovy |
Not vulnerable
|
|
| hirsute |
Not vulnerable
|
|
| impish |
Not vulnerable
|
|
| jammy |
Not vulnerable
|
|
| kinetic |
Not vulnerable
|
|
| trusty |
Does not exist
|
|
| upstream |
Released
(2.2.12-1)
|
|
| xenial |
Released
(2.1.3-4ubuntu0.10)
Available with Ubuntu Pro or Ubuntu Pro (Infra-only) |
|
|
Patches: upstream: https://github.com/apple/cups/commit/f24e6cf6a39300ad0c3726a41a4aab51ad54c109 |
||
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 5.5 |
| Attack vector | Local |
| Attack complexity | Low |
| Privileges required | Low |
| User interaction | None |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity impact | None |
| Availability impact | None |
| Vector | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |