Lucene search
K

692 matches found

Cvelist
Cvelist
added 2025/05/30 5:37 p.m.54 views

CVE-2025-5054 Race Condition in Canonical Apport

Race condition in Canonical apport up to and including 2.32.0 allows a local attacker to leak sensitive information via PID-reuse by leveraging namespaces. When handling a crash, the function checkglobalpidandforward, which detects if the crashing process resided in a container, was being called...

4.7CVSS0.00668EPSS
Exploits2References3
CNNVD
CNNVD
added 2025/05/30 12:0 a.m.5 views

Canonical Apport 竞争条件问题漏洞

Canonical Apport is a toolkit from Canonical UK for collecting and providing feedback on error messages information that the operating system considers useful when an application crashes. A security vulnerability exists in Canonical Apport version 2.32.0 and earlier, which originates from a...

4.7CVSS4.8AI score0.00668EPSS
Exploits2References6
Qualys Blog
Qualys Blog
added 2025/05/29 5:16 p.m.63 views

Qualys TRU Discovers Two Local Information Disclosure Vulnerabilities in Apport and systemd-coredump: CVE-2025-5054 and CVE-2025-4598

The Qualys Threat Research Unit TRU has discovered two local information-disclosure vulnerabilities in Apport and systemd-coredump. Both issues are race-condition vulnerabilities. The first CVE-2025-5054 affects Ubuntu's core-dump handler, Apport , and the second CVE-2025-4598 targets...

4.7CVSS5.3AI score0.00668EPSS
Exploits3
OSV
OSV
added 2025/05/29 1:48 p.m.4 views

USN-7545-1 apport vulnerability

Qualys discovered that Apport incorrectly handled metadata when processing application crashes. An attacker could possibly use this issue to leak sensitive information...

4.7CVSS5.8AI score0.00668EPSS
Exploits2References2
Ubuntu
Ubuntu
added 2025/05/29 1:48 p.m.6 views

USN-7545-1: Apport vulnerability

Qualys discovered that Apport incorrectly handled metadata when processing application crashes. An attacker could possibly use this issue to leak sensitive information...

4.7CVSS5.3AI score0.00668EPSS
Exploits2
Positive Technologies
Positive Technologies
added 2025/05/29 12:0 a.m.4 views

PT-2025-23218

Name of the Vulnerable Software and Affected Versions Canonical apport versions up to and including 2.32.0 Description A race condition in Canonical apport allows a local attacker to leak sensitive information via PID-reuse by leveraging namespaces. The issue arises when handling a crash, as the...

4.7CVSS4.5AI score0.00668EPSS
Exploits2References66
OSV
OSV
added 2025/05/29 12:0 a.m.7 views

UBUNTU-CVE-2025-5054

Race condition in Canonical apport up to and including 2.32.0 allows a local attacker to leak sensitive information via PID-reuse by leveraging namespaces. When handling a crash, the function checkglobalpidandforward, which detects if the crashing process resided in a container, was being called...

4.7CVSS5.7AI score0.00668EPSS
Exploits2References3
RedhatCVE
RedhatCVE
added 2025/05/23 12:41 a.m.12 views

CVE-2022-28656

isclosingsession allows users to consume RAM in the Apport process...

5.5CVSS6.6AI score0.00199EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:30 p.m.4 views

CVE-2022-1242

Apport can be tricked into connecting to arbitrary sockets as the root user...

7.8CVSS7.1AI score0.00228EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:42 p.m.8 views

CVE-2022-28657

Apport does not disable python crash handler before entering chroot...

7.8CVSS6.8AI score0.00228EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:42 p.m.7 views

CVE-2022-28658

Apport argument parsing mishandles filename splitting on older kernels resulting in argument spoofing...

5.5CVSS6.8AI score0.00204EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:54 a.m.7 views

CVE-2013-1067

Apport 2.12.5 and earlier uses weak permissions for core dump files created by setuid binaries, which allows local users to obtain sensitive information by reading the file...

4.9CVSS6.5AI score0.00402EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/31 12:0 a.m.7 views

Apport 安全漏洞

Canonical Apport is a toolkit from Canonical UK for collecting and feeding back error messages information that the operating system finds useful when an application crashes. A security vulnerability exists in versions of Apport prior to 2.21.0 that stems from allowing unlimited disk space to be...

7.5CVSS7.3AI score0.00386EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2024/07/12 12:0 a.m.17 views

Ubuntu: Security Advisory (USN-6894-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.8CVSS7.1AI score0.00384EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/07/12 12:0 a.m.29 views

Ubuntu 16.04 LTS : Apport vulnerabilities (USN-6894-1)

The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6894-1 advisory. Muqing Liu and neoni discovered that Apport incorrectly handled detecting if an executable was replaced after a crash. A local attacker could possibly us...

7.8CVSS7AI score0.00384EPSS
Exploits0References9
OSV
OSV
added 2024/07/11 8:8 p.m.36 views

USN-6894-1 apport vulnerabilities

Muqing Liu and neoni discovered that Apport incorrectly handled detecting if an executable was replaced after a crash. A local attacker could possibly use this issue to execute arbitrary code as the root user. CVE-2021-3899 Gerrit Venema discovered that Apport incorrectly handled connections to...

7.8CVSS7AI score0.00384EPSS
Exploits0References9
Ubuntu
Ubuntu
added 2024/07/11 8:8 p.m.36 views

USN-6894-1: Apport vulnerabilities

Muqing Liu and neoni discovered that Apport incorrectly handled detecting if an executable was replaced after a crash. A local attacker could possibly use this issue to execute arbitrary code as the root user. CVE-2021-3899 Gerrit Venema discovered that Apport incorrectly handled connections to...

7.8CVSS7AI score0.00384EPSS
Exploits0
NVD
NVD
added 2024/06/04 10:15 p.m.29 views

CVE-2022-28656

isclosingsession allows users to consume RAM in the Apport process...

5.5CVSS6.3AI score0.00199EPSS
Exploits0References2
NVD
NVD
added 2024/06/04 10:15 p.m.31 views

CVE-2022-28657

Apport does not disable python crash handler before entering chroot...

7.8CVSS6.5AI score0.00228EPSS
Exploits0References2
NVD
NVD
added 2024/06/04 10:15 p.m.24 views

CVE-2022-28658

Apport argument parsing mishandles filename splitting on older kernels resulting in argument spoofing...

5.5CVSS6.5AI score0.00204EPSS
Exploits0References2
Rows per page
Query Builder