It was discovered that GNU cflow was incorrectly handling memory cleanup operations at the end of a compilation module. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code.
{ "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "binaries": [ { "binary_name": "cflow", "binary_version": "1:1.4+dfsg1-3ubuntu1.16.04.1~esm1" }, { "binary_name": "cflow-dbgsym", "binary_version": "1:1.4+dfsg1-3ubuntu1.16.04.1~esm1" } ] }
{ "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "binaries": [ { "binary_name": "cflow", "binary_version": "1:1.4+dfsg1-3ubuntu1.18.04.1~esm1" }, { "binary_name": "cflow-dbgsym", "binary_version": "1:1.4+dfsg1-3ubuntu1.18.04.1~esm1" } ] }