Path traversal

An information disclosure via path traversal was discovered in apport/hookutils.py function readfile. This issue affects: apport 2.14.1 versions prior to 2.14.1-0ubuntu3.29+esm8; 2.20.1 versions prior to 2.20.1-0ubuntu2.30+esm2; 2.20.9 versions prior to 2.20.9-0ubuntu7.26; 2.20.11 versions prior ...

CVE-2021-32547

It was discovered that readfile in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-lts package apport hooks, it could expose private data to other local users...

CVE-2021-32554

CVE-2021-32554 concerns Ubuntu Apport: read_file() in apport/hookutils.py could follow symbolic links or open FIFOs when invoked by xorg package apport hooks, exposing private data to other local users. Exploitation is described as a local information disclosure (vector involves reading private f...

CVE-2021-32549

CVE-2021-32549 affects the Ubuntu Apport read_file() in apport/hookutils.py, which could follow symbolic links or open FIFOs, exposing private data to local users when used by the openjdk-13 package apport hooks. Public sources describe impact as local, with partial or high confidentiality impact...

CVE-2021-32548

The CVE-2021-32548 issue affects the Ubuntu Apport component: read_file() in apport/hookutils.py can follow symbolic links or open FIFOs when invoked by the openjdk-8 package apport hooks, enabling a local attacker to view private data of other users. This matches the described impact of partial ...