Lucene search
+L

CVE-2020-15702

🗓️ 06 Aug 2020 22:50:22Reported by canonicalType 
cve
 cve
🔗 web.nvd.nist.gov👁 77 Views

TOCTOU Race Condition vulnerability in apport allows a local attacker to escalate privileges and execute arbitrary code. An attacker may exit the crashed process and exploit PID recycling to spawn a root process with the same PID as the crashed process, which can then be used to escalate privileges. Fixed in 2.20.1-0ubuntu2.24, 2.20.9 versions prior to 2.20.9-0ubuntu7.16 and 2.20.11 versions prior to 2.20.11-0ubuntu27.6. Was ZDI-CAN-11234

Related
Detection
Affected
Refs
NVD
Node
AND
OR
canonicalapportMatch2.20.11-0ubuntu8
canonicalapportMatch2.20.11-0ubuntu9
canonicalapportMatch2.20.11-0ubuntu10
canonicalapportMatch2.20.11-0ubuntu11
canonicalapportMatch2.20.11-0ubuntu12
canonicalapportMatch2.20.11-0ubuntu13
canonicalapportMatch2.20.11-0ubuntu14
canonicalapportMatch2.20.11-0ubuntu15
canonicalapportMatch2.20.11-0ubuntu16
canonicalapportMatch2.20.11-0ubuntu17
canonicalapportMatch2.20.11-0ubuntu18
canonicalapportMatch2.20.11-0ubuntu19
canonicalapportMatch2.20.11-0ubuntu20
canonicalapportMatch2.20.11-0ubuntu21
canonicalapportMatch2.20.11-0ubuntu22
canonicalapportMatch2.20.11-0ubuntu23
canonicalapportMatch2.20.11-0ubuntu24
canonicalapportMatch2.20.11-0ubuntu25
canonicalapportMatch2.20.11-0ubuntu26
canonicalapportMatch2.20.11-0ubuntu27
canonicalapportMatch2.20.11-0ubuntu27.2
canonicalapportMatch2.20.11-0ubuntu27.3
canonicalapportMatch2.20.11-0ubuntu27.4
canonicalapportMatch2.20.11-0ubuntu27.5
Node
AND
OR
canonicalapportMatch2.20.7-0ubuntu3
canonicalapportMatch2.20.7-0ubuntu3.1
canonicalapportMatch2.20.7-0ubuntu4
canonicalapportMatch2.20.8-0ubuntu1
canonicalapportMatch2.20.8-0ubuntu2
canonicalapportMatch2.20.8-0ubuntu3
canonicalapportMatch2.20.8-0ubuntu4
canonicalapportMatch2.20.8-0ubuntu5
canonicalapportMatch2.20.8-0ubuntu6
canonicalapportMatch2.20.8-0ubuntu7
canonicalapportMatch2.20.8-0ubuntu8
canonicalapportMatch2.20.8-0ubuntu9
canonicalapportMatch2.20.8-0ubuntu10
canonicalapportMatch2.20.9-0ubuntu1
canonicalapportMatch2.20.9-0ubuntu2
canonicalapportMatch2.20.9-0ubuntu3
canonicalapportMatch2.20.9-0ubuntu4
canonicalapportMatch2.20.9-0ubuntu5
canonicalapportMatch2.20.9-0ubuntu6
canonicalapportMatch2.20.9-0ubuntu7
canonicalapportMatch2.20.9-0ubuntu7.1
canonicalapportMatch2.20.9-0ubuntu7.2
canonicalapportMatch2.20.9-0ubuntu7.3
canonicalapportMatch2.20.9-0ubuntu7.4
canonicalapportMatch2.20.9-0ubuntu7.5
canonicalapportMatch2.20.9-0ubuntu7.6
canonicalapportMatch2.20.9-0ubuntu7.7
canonicalapportMatch2.20.9-0ubuntu7.8
canonicalapportMatch2.20.9-0ubuntu7.9
canonicalapportMatch2.20.9-0ubuntu7.10
canonicalapportMatch2.20.9-0ubuntu7.11
canonicalapportMatch2.20.9-0ubuntu7.12
canonicalapportMatch2.20.9-0ubuntu7.13
canonicalapportMatch2.20.9-0ubuntu7.14
canonicalapportMatch2.20.9-0ubuntu7.15
Node
AND
OR
canonicalapportMatch2.19.1-0ubuntu3
canonicalapportMatch2.19.2-0ubuntu1
canonicalapportMatch2.19.2-0ubuntu2
canonicalapportMatch2.19.2-0ubuntu3
canonicalapportMatch2.19.2-0ubuntu4
canonicalapportMatch2.19.2-0ubuntu5
canonicalapportMatch2.19.2-0ubuntu6
canonicalapportMatch2.19.2-0ubuntu7
canonicalapportMatch2.19.2-0ubuntu8
canonicalapportMatch2.19.2-0ubuntu9
canonicalapportMatch2.19.3-0ubuntu1
canonicalapportMatch2.19.3-0ubuntu2
canonicalapportMatch2.19.3-0ubuntu3
canonicalapportMatch2.19.4-0ubuntu1
canonicalapportMatch2.19.4-0ubuntu2
canonicalapportMatch2.20-0ubuntu1
canonicalapportMatch2.20-0ubuntu2
canonicalapportMatch2.20-0ubuntu3
canonicalapportMatch2.20.1-0ubuntu1
canonicalapportMatch2.20.1-0ubuntu2
canonicalapportMatch2.20.1-0ubuntu2.1
canonicalapportMatch2.20.1-0ubuntu2.2
canonicalapportMatch2.20.1-0ubuntu2.4
canonicalapportMatch2.20.1-0ubuntu2.5
canonicalapportMatch2.20.1-0ubuntu2.6
canonicalapportMatch2.20.1-0ubuntu2.7
canonicalapportMatch2.20.1-0ubuntu2.8
canonicalapportMatch2.20.1-0ubuntu2.9
canonicalapportMatch2.20.1-0ubuntu2.10
canonicalapportMatch2.20.1-0ubuntu2.12
canonicalapportMatch2.20.1-0ubuntu2.13
canonicalapportMatch2.20.1-0ubuntu2.14
canonicalapportMatch2.20.1-0ubuntu2.15
canonicalapportMatch2.20.1-0ubuntu2.16
canonicalapportMatch2.20.1-0ubuntu2.17
canonicalapportMatch2.20.1-0ubuntu2.18
canonicalapportMatch2.20.1-0ubuntu2.19
canonicalapportMatch2.20.1-0ubuntu2.20
canonicalapportMatch2.20.1-0ubuntu2.21
canonicalapportMatch2.20.1-0ubuntu2.22
canonicalapportMatch2.20.1-0ubuntu2.23
Node
[
  {
    "product": "apport",
    "vendor": "Canonical",
    "versions": [
      {
        "lessThan": "2.20.1-0ubuntu2.24",
        "status": "affected",
        "version": "2.20.1",
        "versionType": "custom"
      },
      {
        "lessThan": "2.20.9-0ubuntu7.16",
        "status": "affected",
        "version": "2.20.9",
        "versionType": "custom"
      },
      {
        "lessThan": "2.20.11-0ubuntu27.6",
        "status": "affected",
        "version": "2.20.11",
        "versionType": "custom"
      }
    ]
  }
]

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation