692 matches found
CVE-2025-5054 Race Condition in Canonical Apport
Race condition in Canonical apport up to and including 2.32.0 allows a local attacker to leak sensitive information via PID-reuse by leveraging namespaces. When handling a crash, the function checkglobalpidandforward, which detects if the crashing process resided in a container, was being called...
Canonical Apport 竞争条件问题漏洞
Canonical Apport is a toolkit from Canonical UK for collecting and providing feedback on error messages information that the operating system considers useful when an application crashes. A security vulnerability exists in Canonical Apport version 2.32.0 and earlier, which originates from a...
Qualys TRU Discovers Two Local Information Disclosure Vulnerabilities in Apport and systemd-coredump: CVE-2025-5054 and CVE-2025-4598
The Qualys Threat Research Unit TRU has discovered two local information-disclosure vulnerabilities in Apport and systemd-coredump. Both issues are race-condition vulnerabilities. The first CVE-2025-5054 affects Ubuntu's core-dump handler, Apport , and the second CVE-2025-4598 targets...
USN-7545-1 apport vulnerability
Qualys discovered that Apport incorrectly handled metadata when processing application crashes. An attacker could possibly use this issue to leak sensitive information...
USN-7545-1: Apport vulnerability
Qualys discovered that Apport incorrectly handled metadata when processing application crashes. An attacker could possibly use this issue to leak sensitive information...
PT-2025-23218
Name of the Vulnerable Software and Affected Versions Canonical apport versions up to and including 2.32.0 Description A race condition in Canonical apport allows a local attacker to leak sensitive information via PID-reuse by leveraging namespaces. The issue arises when handling a crash, as the...
UBUNTU-CVE-2025-5054
Race condition in Canonical apport up to and including 2.32.0 allows a local attacker to leak sensitive information via PID-reuse by leveraging namespaces. When handling a crash, the function checkglobalpidandforward, which detects if the crashing process resided in a container, was being called...
CVE-2022-28656
isclosingsession allows users to consume RAM in the Apport process...
CVE-2022-1242
Apport can be tricked into connecting to arbitrary sockets as the root user...
CVE-2022-28657
Apport does not disable python crash handler before entering chroot...
CVE-2022-28658
Apport argument parsing mishandles filename splitting on older kernels resulting in argument spoofing...
CVE-2013-1067
Apport 2.12.5 and earlier uses weak permissions for core dump files created by setuid binaries, which allows local users to obtain sensitive information by reading the file...
Apport 安全漏洞
Canonical Apport is a toolkit from Canonical UK for collecting and feeding back error messages information that the operating system finds useful when an application crashes. A security vulnerability exists in versions of Apport prior to 2.21.0 that stems from allowing unlimited disk space to be...
Ubuntu: Security Advisory (USN-6894-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 16.04 LTS : Apport vulnerabilities (USN-6894-1)
The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6894-1 advisory. Muqing Liu and neoni discovered that Apport incorrectly handled detecting if an executable was replaced after a crash. A local attacker could possibly us...
USN-6894-1 apport vulnerabilities
Muqing Liu and neoni discovered that Apport incorrectly handled detecting if an executable was replaced after a crash. A local attacker could possibly use this issue to execute arbitrary code as the root user. CVE-2021-3899 Gerrit Venema discovered that Apport incorrectly handled connections to...
USN-6894-1: Apport vulnerabilities
Muqing Liu and neoni discovered that Apport incorrectly handled detecting if an executable was replaced after a crash. A local attacker could possibly use this issue to execute arbitrary code as the root user. CVE-2021-3899 Gerrit Venema discovered that Apport incorrectly handled connections to...
CVE-2022-28656
isclosingsession allows users to consume RAM in the Apport process...
CVE-2022-28657
Apport does not disable python crash handler before entering chroot...
CVE-2022-28658
Apport argument parsing mishandles filename splitting on older kernels resulting in argument spoofing...