12 matches found
EUVD-2019-3158
Malware in sbrugna...
Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Apport regression (USN-4171-6)
The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4171-6 advisory. USN-4171-1 fixed vulnerabilities in Apport. The update caused a regression when handling configuration files. This update fixes the proble...
CVE-2019-11482
Sander Bos discovered a time of check to time of use TOCTTOU vulnerability in apport that allowed a user to cause core files to be written in arbitrary directories...
CVE-2019-11483
Sander Bos discovered Apport mishandled crash dumps originating from containers. This could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user...
CVE-2019-11485
Sander Bos discovered Apport's lock file was in a world-writable directory which allowed all users to prevent crash handling...
CVE-2019-11483
Sander Bos discovered Apport mishandled crash dumps originating from containers. This could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user...
CVE-2019-11482
CVE-2019-11482 affects Ubuntu Apport: a TOCTTOU flaw during core-dump handling could allow a local user to have core files written in arbitrary directories. Documented impact is local, with no exploitation probability given. Concretely, Apport mishandles crash dumps, enabling core file writes to ...
Ubuntu 16.04 LTS / 18.04 LTS : Apport vulnerabilities (USN-4171-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4171-1 advisory. Kevin Backhouse discovered Apport would read its user-controlled settings file as the root user. This could be used by a local attacker to...
CVE-2019-11482
Sander Bos discovered a time of check to time of use TOCTTOU vulnerability in apport that allowed a user to cause core files to be written in arbitrary directories...
CVE-2019-11485
Sander Bos discovered Apport's lock file was in a world-writable directory which allowed all users to prevent crash handling...
USN-3480-3: Apport regression
USN-3480-2 fixed regressions in Apport. The update introduced a new regression in the container support. This update addresses the problem. We apologize for the inconvenience. Original advisory details: Sander Bos discovered that Apport incorrectly handled core dumps for setuid binaries. A local...
Ubuntu 14.04 LTS / 16.04 LTS : Apport vulnerabilities (USN-3480-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3480-1 advisory. Sander Bos discovered that Apport incorrectly handled core dumps for setuid binaries. A local attacker could use this issue to perform a deni...