2 matches found
CVE-2020-15702
CVE-2020-15702 describes a TOCTOU race condition in the Apport component of Ubuntu. The vulnerability allows a local attacker to escalate privileges and potentially execute arbitrary code by exploiting PID recycling after a crash, enabling a root process to inherit the crashed process’ PID. Affec...
USN-4449-1: Apport vulnerabilities
Ryota Shiga working with Trend Micro´s Zero Day Initiative, discovered that Apport incorrectly dropped privileges when making certain D-Bus calls. A local attacker could use this issue to read arbitrary files. CVE-2020-11936 Seong-Joong Kim discovered that Apport incorrectly parsed configuration...