There is a race condition in the ‘replaced executable’ detection that, with
the correct local configuration, allow an attacker to execute arbitrary
code as root.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 18.04 | noarch | apport | < 2.20.9-0ubuntu7.28 | UNKNOWN |
ubuntu | 20.04 | noarch | apport | < 2.20.11-0ubuntu27.24 | UNKNOWN |
ubuntu | 21.10 | noarch | apport | < 2.20.11-0ubuntu71.2 | UNKNOWN |
ubuntu | 22.04 | noarch | apport | < 2.20.11-0ubuntu82.1 | UNKNOWN |
ubuntu | 22.10 | noarch | apport | < 2.21.0-0ubuntu1 | UNKNOWN |
ubuntu | 23.04 | noarch | apport | < 2.21.0-0ubuntu1 | UNKNOWN |
ubuntu | 23.10 | noarch | apport | < 2.21.0-0ubuntu1 | UNKNOWN |
ubuntu | 24.04 | noarch | apport | < 2.21.0-0ubuntu1 | UNKNOWN |
ubuntu | 14.04 | noarch | apport | < any | UNKNOWN |
ubuntu | 16.04 | noarch | apport | < any | UNKNOWN |