apport-cli
by Canonical
CVEs (30)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-15701 | 0.00 | — | 0.00 | Aug 6, 2020 | An unhandled exception in check_ignored() in apport/report.py can be exploited by a local attacker to cause a denial of service. If the mtime attribute is a string value in apport-ignore.xml, it will trigger an unhandled exception, resulting in a crash. Fixed in… | |||
| CVE-2019-15790 | 0.00 | — | 0.00 | Apr 27, 2020 | Apport reads and writes information on a crashed process to /proc/pid with elevated privileges. Apport then determines which user the crashed process belongs to by reading /proc/pid through get_pid_info() in data/apport. An unprivileged user could exploit this to read… | |||
| CVE-2020-8833 | 0.00 | — | 0.00 | Apr 22, 2020 | Time-of-check Time-of-use Race Condition vulnerability on crash report ownership change in Apport allows for a possible privilege escalation opportunity. If fs.protected_symlinks is disabled, this can be exploited between the os.open and os.chown calls when the Apport cron… | |||
| CVE-2020-8831 | 0.00 | — | 0.00 | Apr 22, 2020 | Apport creates a world writable lock file with root ownership in the world writable /var/lock/apport directory. If the apport/ directory does not exist (this is not uncommon as /var/lock is a tmpfs), it will create the directory, otherwise it will simply continue execution using… | |||
| CVE-2019-11485 | 0.00 | — | 0.00 | Feb 8, 2020 | Sander Bos discovered Apport's lock file was in a world-writable directory which allowed all users to prevent crash handling. | |||
| CVE-2019-11483 | 0.00 | — | 0.00 | Feb 8, 2020 | Sander Bos discovered Apport mishandled crash dumps originating from containers. This could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user. | |||
| CVE-2019-11482 | 0.00 | — | 0.00 | Feb 8, 2020 | Sander Bos discovered a time of check to time of use (TOCTTOU) vulnerability in apport that allowed a user to cause core files to be written in arbitrary directories. | |||
| CVE-2019-11481 | 0.00 | — | 0.00 | Feb 8, 2020 | Kevin Backhouse discovered that apport would read a user-supplied configuration file with elevated privileges. By replacing the file with a symbolic link, a user could get apport to read any file on the system as root, with unknown consequences. | |||
| CVE-2017-14179 | 0.00 | — | 0.00 | Feb 2, 2018 | Apport before 2.13 does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion, possibly gain root privileges, or escape from… | |||
| CVE-2017-14177 | 0.00 | — | 0.00 | Feb 2, 2018 | Apport through 2.20.7 does not properly handle core dumps from setuid binaries allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion or possibly gain root privileges. NOTE: this vulnerability… |
- CVE-2020-15701Aug 6, 2020risk 0.00cvss —epss 0.00
An unhandled exception in check_ignored() in apport/report.py can be exploited by a local attacker to cause a denial of service. If the mtime attribute is a string value in apport-ignore.xml, it will trigger an unhandled exception, resulting in a crash. Fixed in…
- CVE-2019-15790Apr 27, 2020risk 0.00cvss —epss 0.00
Apport reads and writes information on a crashed process to /proc/pid with elevated privileges. Apport then determines which user the crashed process belongs to by reading /proc/pid through get_pid_info() in data/apport. An unprivileged user could exploit this to read…
- CVE-2020-8833Apr 22, 2020risk 0.00cvss —epss 0.00
Time-of-check Time-of-use Race Condition vulnerability on crash report ownership change in Apport allows for a possible privilege escalation opportunity. If fs.protected_symlinks is disabled, this can be exploited between the os.open and os.chown calls when the Apport cron…
- CVE-2020-8831Apr 22, 2020risk 0.00cvss —epss 0.00
Apport creates a world writable lock file with root ownership in the world writable /var/lock/apport directory. If the apport/ directory does not exist (this is not uncommon as /var/lock is a tmpfs), it will create the directory, otherwise it will simply continue execution using…
- CVE-2019-11485Feb 8, 2020risk 0.00cvss —epss 0.00
Sander Bos discovered Apport's lock file was in a world-writable directory which allowed all users to prevent crash handling.
- CVE-2019-11483Feb 8, 2020risk 0.00cvss —epss 0.00
Sander Bos discovered Apport mishandled crash dumps originating from containers. This could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user.
- CVE-2019-11482Feb 8, 2020risk 0.00cvss —epss 0.00
Sander Bos discovered a time of check to time of use (TOCTTOU) vulnerability in apport that allowed a user to cause core files to be written in arbitrary directories.
- CVE-2019-11481Feb 8, 2020risk 0.00cvss —epss 0.00
Kevin Backhouse discovered that apport would read a user-supplied configuration file with elevated privileges. By replacing the file with a symbolic link, a user could get apport to read any file on the system as root, with unknown consequences.
- CVE-2017-14179Feb 2, 2018risk 0.00cvss —epss 0.00
Apport before 2.13 does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion, possibly gain root privileges, or escape from…
- CVE-2017-14177Feb 2, 2018risk 0.00cvss —epss 0.00
Apport through 2.20.7 does not properly handle core dumps from setuid binaries allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion or possibly gain root privileges. NOTE: this vulnerability…
Page 2 of 2