24 matches found
CVE-2019-11485
CVE-2019-11485 affects the Ubuntu Apport package: the lock file is created in a world-writable directory, allowing a local authenticated user to prevent crash handling. This is a local-priority issue with low to moderate impact as described, and remediation is via the corresponding Ubuntu securit...
CVE-2019-11483
CVE-2019-11483 affects the Ubuntu Apport package. The issue arises from mishandling crash dumps originating from containers, potentially allowing a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user. Connected advisories (USN-4171-5/6) indi...
CVE-2022-28652
CVE-2022-28652 affects the Apport component, specifically ~/.config/apport/settings parsing. The vulnerability is described as a parsing issue (billion laughs) with local attack vector and a high availability impact in the NVD metrics. The connected records confirm affected product/area and the u...
CVE-2019-11482
CVE-2019-11482 affects Ubuntu Apport: a TOCTTOU flaw during core-dump handling could allow a local user to have core files written in arbitrary directories. Documented impact is local, with no exploitation probability given. Concretely, Apport mishandles crash dumps, enabling core file writes to ...
CVE-2019-11481
CVE-2019-11481 affects Ubuntu Apport: a local attacker could cause Apport to read a configuration file with root privileges by replacing the file with a symbolic link, allowing read access to arbitrary files as root. Root cause is the handling of user-supplied settings during crash-dump/report ge...
CVE-2019-7307
CVE-2019-7307 affects Apport before versions 2.14.1-0ubuntu3.29+esm1, 2.20.1-0ubuntu2.19, 2.20.9-0ubuntu7.7, 2.20.10-0ubuntu27.1, 2.20.11-0ubuntu5. The flaw is a TOCTTOU vulnerability when reading the user’s ~/.apport-ignore.xml, allowing a local attacker to replace that file with a symlink to an...
CVE-2019-15790
CVE-2019-15790 concerns Ubuntu’s Apport crash-dump handling. The records show an unprivileged user could read information about a privileged process from /proc/pid and use it to obtain ASLR offsets for a memory-corruption vulnerability, via PID recycling. The root cause involves Apport reading/wr...
CVE-2017-10708
CVE-2017-10708 : The issue affects Apport up to version 2.20.x. In apport/report.py, the code sets the ExecutablePath field and then uses that path to run package-specific hooks without validating against path traversal, allowing a remote attacker to execute arbitrary code via a crafted .crash fi...
CVE-2018-6552
CVE-2018-6552 affects the Ubuntu Apport component. The vulnerability arises when Apport handles crashes originating from a PID namespace; if /proc// is missing, the code may forward the crash using the container’s pid in the global namespace. This can allow a local attacker to cause a denial of s...
CVE-2020-8831
CVE-2020-8831 : Apport creates a world-writable lock file with root ownership in /var/lock/apport. If the directory is missing (common on tmpfs), Apport creates it; otherwise it uses the existing directory. This enables a symlink attack by placing a link at /var/lock/apport to redirect Apport’s l...
CVE-2020-8833
The CVE-2020-8833 issue affects Ubuntu’s Apport crash-report handling. A Time-of-check Time-of-use race between os.open and os.chown can allow a local attacker to change crash-file ownership to root when fs.protected_symlinks is disabled, via a symlink with the same name as a deleted file. The fi...
CVE-2015-1338
CVE-2015-1338 affects the Apport crash-dump handling in Linux environments (kernel_crashdump) prior to version 2.19. A local attacker could exploit insecure crash dump file handling to cause a denial of service via disk consumption or potentially elevate privileges through symlink or hard link at...
CVE-2015-1318
CVE-2015-1318 affects Ubuntu’s Apport crash-reporting feature (versions 2.13–2.17.x before 2.17.1). A local attacker could exploit the vulnerability by forwarding reports to a container and altering the root directory before loading crashes, causing usr/share/apport/apport in the crashed task’s d...
CVE-2022-28658
CVE-2022-28658 concerns the Apport component of Ubuntu/Linux, where argument parsing mishandles filename splitting on older kernels, enabling local argument spoofing to the Apport daemon. The issue affects Apport’s handling of certain filenames and command-line arguments, with the published CVSS ...
CVE-2016-9949
CVE-2016-9949 affects Apport prior to 2.20.4. In apport/ui.py, Apport reads the CrashDB field and, if it begins with a '{', evaluates it as Python code, allowing remote attackers to execute arbitrary Python code via a crafted crash file. The vulnerability is demonstrated on Ubuntu desktop release...
CVE-2017-14177
Apport 2.20.7 and earlier on Ubuntu is affected by CVE-2017-14177 (and related CVE-2017-14180): improper handling of core dumps from setuid binaries enables local users to exhaust resources or potentially gain root privileges. The vulnerability stems from an incomplete fix for CVE-2015-1324. The ...
CVE-2022-28655
CVE-2022-28655 affects the Apport component on Linux/Ubuntu, where is_closing_session() allows a local user to create arbitrary TCP D-Bus connections. The available documents describe a local attack surface with potential integrity and availability impact (I: High, A: High) while confidentiality ...
CVE-2016-9950
CVE-2016-9950 affects Apport before 2.20.4. A path traversal in the crash file handling (Package and SourcePackage fields) builds paths to /usr/share/apport/package-hooks/ and can be exploited to execute arbitrary Python files on the local system. Affected software is Apport; root cause is improp...
CVE-2016-9951
CVE-2016-9951 affects Apport prior to 2.20.4. A malicious crash file can contain a restart command in the RespawnCommand or ProcCmdline fields, which is executed if a user clicks the Relaunch button on the Apport prompt. The underlying issue is that crash file content can trigger arbitrary comman...
CVE-2017-14180
CVE-2017-14180 affects Apport 2.13–2.20.7. The vulnerability arises from handling crashes within a PID namespace, allowing local users to create files as root and potentially cause DoS via resource exhaustion or gain root privileges. The issue is noted as distinct from CVE-2017-14179. Public docu...
CVE-2017-14179
CVE-2017-14179 affects Apport before 2.13. The issue stems from how crashes originating in a PID namespace are handled, allowing a local attacker to create files as root, which can be used to cause a denial of service via resource exhaustion and potentially gain root privileges or escape from con...
CVE-2022-28657
CVE-2022-28657 concerns Apport, where the Python crash handler is not disabled before chroot, enabling a local attacker to exploit the issue. The vulnerability is described across multiple advisories (e.g., Ubuntu USN-6894-1) and related Nessus/OSV entries, all referencing the same root cause: Ap...
CVE-2022-28656
CVE-2022-28656 affects the Apport component in Ubuntu-derived environments. The vulnerability is described as: when is_closing_session() runs, it allows local users to consume RAM in the Apport process, which can lead to a local denial of service. The issue is disclosed and tracked across multipl...
CVE-2022-28654
CVE-2022-28654 concerns the Apport component in Linux/Ubuntu. The is_closing_session() path allows an attacker to fill the apport.log, causing a denial of service or local resource exhaustion as described in multiple advisories. The vulnerability is locally exploitable with low privileges and doe...