CVE-2019-7317

Vulnerable Software	Affected Versions
Canonical Ubuntu Linux	Version 16.04
Canonical Ubuntu Linux	Version 16.04
Canonical Ubuntu Linux	Version 18.04
Canonical Ubuntu Linux	Version 18.10
Canonical Ubuntu Linux	Version 19.04

Configuration D

6 vulnerable

Vulnerable Software	Affected Versions
Oracle Hyperion Infrastructure Technology	Version 11.2.6.0
Oracle Java Se	Version 7u221
Oracle Java Se	Version 8u212
Oracle Jdk	Version 11.0.3
Oracle Jdk	Version 12.0.1
Oracle Mysql	Before 8.0.23

Configuration E

2 vulnerable

Vulnerable Software	Affected Versions
Hp Xp7 Command View	Before 8.7.0-00
Hpe Xp7 Command View Advanced Edition Suite	Before 8.7.0-00

Configuration F

2 vulnerable

Vulnerable Software	Affected Versions
Mozilla Firefox	All versions
Mozilla Thunderbird	All versions

Configuration G

3 vulnerable

Vulnerable Software	Affected Versions
Opensuse Leap	Version 15.0
Opensuse Leap	Version 15.1
Opensuse Leap	Version 42.3

Configuration H

1 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Opensuse Package Hub	All versions

Running on/with	Platform Versions
Suse Linux Enterprise	Version 12.0

Configuration I

17 vulnerable

Vulnerable Software	Affected Versions
Netapp Active Iq Unified Manager	Before 9.6
Netapp Active Iq Unified Manager	Before 9.6
Netapp Active Iq Unified Manager	Version 9.6
Netapp Active Iq Unified Manager	Version 9.6
Netapp Cloud Backup	All versions
Netapp E Series Santricity Management	All versions
Netapp E Series Santricity Storage Manager	Before 11.53
Netapp E Series Santricity Unified Manager	Before 3.2
Netapp E Series Santricity Web Services	Before 4.0
Netapp Oncommand Insight	Before 7.3.9
Netapp Oncommand Workflow Automation	Before 5.1
Netapp Plug In For Symantec Netbackup	All versions
Netapp Snapmanager	Before 3.4.2
Netapp Snapmanager	Before 3.4.2
Netapp Snapmanager	Version 3.4.2 p1
Netapp Snapmanager	Version 3.4.2 p1
Netapp Steelstore	All versions

Configuration J

17 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux	Version 6.0
Redhat Enterprise Linux	Version 7.0
Redhat Enterprise Linux	Version 8.0
Redhat Enterprise Linux Desktop	Version 6.0
Redhat Enterprise Linux Desktop	Version 7.0
Redhat Enterprise Linux For Ibm Z Systems	Version 6.0
Redhat Enterprise Linux For Ibm Z Systems	Version 7.0
Redhat Enterprise Linux For Ibm Z Systems	Version 8.0
Redhat Enterprise Linux For Power Big Endian	Version 6.0
Redhat Enterprise Linux For Power Big Endian	Version 7.0
Redhat Enterprise Linux For Power Little Endian	Version 7.0
Redhat Enterprise Linux For Power Little Endian	Version 8.0
Redhat Enterprise Linux For Scientific Computing	Version 6.0
Redhat Enterprise Linux For Scientific Computing	Version 7.0
Redhat Enterprise Linux Workstation	Version 6.0
Redhat Enterprise Linux Workstation	Version 7.0
Redhat Satellite	Version 5.8

Related CWEs

CWE-416

Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

References (84)

http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00002.html

Source: cve@mitre.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00029.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00084.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00038.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00044.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

http://packetstormsecurity.com/files/152561/Slackware-Security-Advisory-libpng-Updates.html

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

http://www.securityfocus.com/bid/108098

Source: cve@mitre.org

Not ApplicableThird Party AdvisoryVDB Entry

https://access.redhat.com/errata/RHSA-2019:1265

Source: cve@mitre.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2019:1267

Source: cve@mitre.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2019:1269

Source: cve@mitre.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2019:1308

Source: cve@mitre.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2019:1309

Source: cve@mitre.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2019:1310

Source: cve@mitre.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2019:2494

Source: cve@mitre.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2019:2495

Source: cve@mitre.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2019:2585

Source: cve@mitre.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2019:2590

Source: cve@mitre.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2019:2592

Source: cve@mitre.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2019:2737

Source: cve@mitre.org

Third Party Advisory

https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=12803

Source: cve@mitre.org

Issue TrackingMailing ListThird Party Advisory

https://github.com/glennrp/libpng/issues/275

Source: cve@mitre.org

ExploitIssue TrackingThird Party Advisory

https://lists.debian.org/debian-lts-announce/2019/05/msg00032.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

https://lists.debian.org/debian-lts-announce/2019/05/msg00038.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

https://seclists.org/bugtraq/2019/Apr/30

Source: cve@mitre.org

Issue TrackingMailing ListThird Party Advisory

https://seclists.org/bugtraq/2019/Apr/36

Source: cve@mitre.org

Issue TrackingMailing ListThird Party Advisory

https://seclists.org/bugtraq/2019/May/56

Source: cve@mitre.org

Issue TrackingMailing ListThird Party Advisory

https://seclists.org/bugtraq/2019/May/59

Source: cve@mitre.org

Issue TrackingMailing ListThird Party Advisory

https://seclists.org/bugtraq/2019/May/67

Source: cve@mitre.org

Issue TrackingMailing ListThird Party Advisory

https://security.gentoo.org/glsa/201908-02

Source: cve@mitre.org

Third Party Advisory

https://security.netapp.com/advisory/ntap-20190719-0005/

Source: cve@mitre.org

Third Party Advisory

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03977en_us

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/3962-1/

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/3991-1/

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/3997-1/

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/4080-1/

Source: cve@mitre.org

Third Party Advisory

https://usn.ubuntu.com/4083-1/

Source: cve@mitre.org

Third Party Advisory

https://www.debian.org/security/2019/dsa-4435

Source: cve@mitre.org

Third Party Advisory

https://www.debian.org/security/2019/dsa-4448

Source: cve@mitre.org

Third Party Advisory

https://www.debian.org/security/2019/dsa-4451

Source: cve@mitre.org

Third Party Advisory

https://www.oracle.com/security-alerts/cpuApr2021.html

Source: cve@mitre.org

Third Party Advisory

https://www.oracle.com/security-alerts/cpuoct2021.html

Source: cve@mitre.org

Third Party Advisory

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

Source: cve@mitre.org

PatchThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00002.html