apport-cli
by Canonical
CVEs (29)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-25684 | Hig | 0.57 | 8.8 | 0.01 | Jun 11, 2021 | It was discovered that apport in data/apport did not properly open a report file to prevent hanging reads on a FIFO. | ||
| CVE-2021-25683 | Hig | 0.57 | 8.8 | 0.00 | Jun 11, 2021 | It was discovered that the get_starttime() function in data/apport did not properly parse the /proc/pid/stat file from the kernel. | ||
| CVE-2021-25682 | Hig | 0.57 | 8.8 | 0.00 | Jun 11, 2021 | It was discovered that the get_pid_info() function in data/apport did not properly parse the /proc/pid/status file from the kernel. | ||
| CVE-2021-32555 | Hig | 0.47 | 7.3 | 0.00 | Jun 12, 2021 | It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg-hwe-18.04 package apport hooks, it could expose private data to other local users. | ||
| CVE-2021-32554 | Hig | 0.47 | 7.3 | 0.00 | Jun 12, 2021 | It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg package apport hooks, it could expose private data to other local users. | ||
| CVE-2021-32553 | Hig | 0.47 | 7.3 | 0.00 | Jun 12, 2021 | It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-17 package apport hooks, it could expose private data to other local users. | ||
| CVE-2021-32552 | Hig | 0.47 | 7.3 | 0.00 | Jun 12, 2021 | It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-16 package apport hooks, it could expose private data to other local users. | ||
| CVE-2021-32551 | Hig | 0.47 | 7.3 | 0.00 | Jun 12, 2021 | It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-15 package apport hooks, it could expose private data to other local users. | ||
| CVE-2021-32550 | Hig | 0.47 | 7.3 | 0.00 | Jun 12, 2021 | It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-14 package apport hooks, it could expose private data to other local users. | ||
| CVE-2021-32549 | Hig | 0.47 | 7.3 | 0.00 | Jun 12, 2021 | It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-13 package apport hooks, it could expose private data to other local users. | ||
| CVE-2021-32548 | Hig | 0.47 | 7.3 | 0.00 | Jun 12, 2021 | It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-8 package apport hooks, it could expose private data to other local users. | ||
| CVE-2021-32547 | Hig | 0.47 | 7.3 | 0.00 | Jun 12, 2021 | It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-lts package apport hooks, it could expose private data to other local users. | ||
| CVE-2020-15702 | Hig | 0.46 | 7.0 | 0.01 | Aug 6, 2020 | TOCTOU Race Condition vulnerability in apport allows a local attacker to escalate privileges and execute arbitrary code. An attacker may exit the crashed process and exploit PID recycling to spawn a root process with the same PID as the crashed process, which can then be used to… | ||
| CVE-2019-11483 | Hig | 0.46 | 7.0 | 0.00 | Feb 8, 2020 | Sander Bos discovered Apport mishandled crash dumps originating from containers. This could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user. | ||
| CVE-2019-7307 | Hig | 0.46 | 7.0 | 0.00 | Aug 29, 2019 | Apport before versions 2.14.1-0ubuntu3.29+esm1, 2.20.1-0ubuntu2.19, 2.20.9-0ubuntu7.7, 2.20.10-0ubuntu27.1, 2.20.11-0ubuntu5 contained a TOCTTOU vulnerability when reading the users ~/.apport-ignore.xml file, which allows a local attacker to replace this file with a symlink to… | ||
| CVE-2021-3710 | Med | 0.42 | 6.5 | 0.00 | Oct 1, 2021 | An information disclosure via path traversal was discovered in apport/hookutils.py function read_file(). This issue affects: apport 2.14.1 versions prior to 2.14.1-0ubuntu3.29+esm8; 2.20.1 versions prior to 2.20.1-0ubuntu2.30+esm2; 2.20.9 versions prior to 2.20.9-0ubuntu7.26;… | ||
| CVE-2021-3709 | Med | 0.42 | 6.5 | 0.00 | Oct 1, 2021 | Function check_attachment_for_errors() in file data/general-hooks/ubuntu.py could be tricked into exposing private data via a constructed crash file. This issue affects: apport 2.14.1 versions prior to 2.14.1-0ubuntu3.29+esm8; 2.20.1 versions prior to 2.20.1-0ubuntu2.30+esm2;… | ||
| CVE-2020-8831 | Med | 0.42 | 6.5 | 0.01 | Apr 22, 2020 | Apport creates a world writable lock file with root ownership in the world writable /var/lock/apport directory. If the apport/ directory does not exist (this is not uncommon as /var/lock is a tmpfs), it will create the directory, otherwise it will simply continue execution using… | ||
| CVE-2020-15701 | Med | 0.36 | 5.5 | 0.00 | Aug 6, 2020 | An unhandled exception in check_ignored() in apport/report.py can be exploited by a local attacker to cause a denial of service. If the mtime attribute is a string value in apport-ignore.xml, it will trigger an unhandled exception, resulting in a crash. Fixed in… | ||
| CVE-2020-8833 | Med | 0.36 | 5.6 | 0.00 | Apr 22, 2020 | Time-of-check Time-of-use Race Condition vulnerability on crash report ownership change in Apport allows for a possible privilege escalation opportunity. If fs.protected_symlinks is disabled, this can be exploited between the os.open and os.chown calls when the Apport cron… |
- risk 0.57cvss 8.8epss 0.01
It was discovered that apport in data/apport did not properly open a report file to prevent hanging reads on a FIFO.
- risk 0.57cvss 8.8epss 0.00
It was discovered that the get_starttime() function in data/apport did not properly parse the /proc/pid/stat file from the kernel.
- risk 0.57cvss 8.8epss 0.00
It was discovered that the get_pid_info() function in data/apport did not properly parse the /proc/pid/status file from the kernel.
- risk 0.47cvss 7.3epss 0.00
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg-hwe-18.04 package apport hooks, it could expose private data to other local users.
- risk 0.47cvss 7.3epss 0.00
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg package apport hooks, it could expose private data to other local users.
- risk 0.47cvss 7.3epss 0.00
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-17 package apport hooks, it could expose private data to other local users.
- risk 0.47cvss 7.3epss 0.00
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-16 package apport hooks, it could expose private data to other local users.
- risk 0.47cvss 7.3epss 0.00
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-15 package apport hooks, it could expose private data to other local users.
- risk 0.47cvss 7.3epss 0.00
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-14 package apport hooks, it could expose private data to other local users.
- risk 0.47cvss 7.3epss 0.00
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-13 package apport hooks, it could expose private data to other local users.
- risk 0.47cvss 7.3epss 0.00
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-8 package apport hooks, it could expose private data to other local users.
- risk 0.47cvss 7.3epss 0.00
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-lts package apport hooks, it could expose private data to other local users.
- risk 0.46cvss 7.0epss 0.01
TOCTOU Race Condition vulnerability in apport allows a local attacker to escalate privileges and execute arbitrary code. An attacker may exit the crashed process and exploit PID recycling to spawn a root process with the same PID as the crashed process, which can then be used to…
- risk 0.46cvss 7.0epss 0.00
Sander Bos discovered Apport mishandled crash dumps originating from containers. This could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user.
- risk 0.46cvss 7.0epss 0.00
Apport before versions 2.14.1-0ubuntu3.29+esm1, 2.20.1-0ubuntu2.19, 2.20.9-0ubuntu7.7, 2.20.10-0ubuntu27.1, 2.20.11-0ubuntu5 contained a TOCTTOU vulnerability when reading the users ~/.apport-ignore.xml file, which allows a local attacker to replace this file with a symlink to…
- risk 0.42cvss 6.5epss 0.00
An information disclosure via path traversal was discovered in apport/hookutils.py function read_file(). This issue affects: apport 2.14.1 versions prior to 2.14.1-0ubuntu3.29+esm8; 2.20.1 versions prior to 2.20.1-0ubuntu2.30+esm2; 2.20.9 versions prior to 2.20.9-0ubuntu7.26;…
- risk 0.42cvss 6.5epss 0.00
Function check_attachment_for_errors() in file data/general-hooks/ubuntu.py could be tricked into exposing private data via a constructed crash file. This issue affects: apport 2.14.1 versions prior to 2.14.1-0ubuntu3.29+esm8; 2.20.1 versions prior to 2.20.1-0ubuntu2.30+esm2;…
- risk 0.42cvss 6.5epss 0.01
Apport creates a world writable lock file with root ownership in the world writable /var/lock/apport directory. If the apport/ directory does not exist (this is not uncommon as /var/lock is a tmpfs), it will create the directory, otherwise it will simply continue execution using…
- risk 0.36cvss 5.5epss 0.00
An unhandled exception in check_ignored() in apport/report.py can be exploited by a local attacker to cause a denial of service. If the mtime attribute is a string value in apport-ignore.xml, it will trigger an unhandled exception, resulting in a crash. Fixed in…
- risk 0.36cvss 5.6epss 0.00
Time-of-check Time-of-use Race Condition vulnerability on crash report ownership change in Apport allows for a possible privilege escalation opportunity. If fs.protected_symlinks is disabled, this can be exploited between the os.open and os.chown calls when the Apport cron…
Page 1 of 2