CVE-2023-1326 – local privilege escalation in apport-cli
https://notcve.org/view.php?id=CVE-2023-1326
A privilege escalation attack was found in apport-cli 2.26.0 and earlier which is similar to CVE-2023-26604. If a system is specially configured to allow unprivileged users to run sudo apport-cli, less is configured as the pager, and the terminal size can be set: a local attacker can escalate privilege. It is extremely unlikely that a system administrator would configure sudo to allow unprivileged users to perform this class of exploit. • https://github.com/diego-tella/CVE-2023-1326-PoC https://github.com/cve-2024/CVE-2023-1326-PoC https://github.com/Pol-Ruiz/CVE-2023-1326 https://github.com/N3rdyN3xus/CVE-2023-1326 https://github.com/canonical/apport/commit/e5f78cc89f1f5888b6a56b785dddcb0364c48ecb https://ubuntu.com/security/notices/USN-6018-1 • CWE-269: Improper Privilege Management •
CVE-2022-28656
https://notcve.org/view.php?id=CVE-2022-28656
is_closing_session() allows users to consume RAM in the Apport process is_closing_session() permite a los usuarios consumir RAM en el proceso de Apport • https://ubuntu.com/security/notices/USN-5427-1 https://www.cve.org/CVERecord?id=CVE-2022-28656 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVE-2022-28657
https://notcve.org/view.php?id=CVE-2022-28657
Apport does not disable python crash handler before entering chroot Apport no desactiva el controlador de fallos de Python antes de ingresar a chroot • https://ubuntu.com/security/notices/USN-5427-1 https://www.cve.org/CVERecord?id=CVE-2022-28657 • CWE-400: Uncontrolled Resource Consumption •
CVE-2022-1242
https://notcve.org/view.php?id=CVE-2022-1242
Apport can be tricked into connecting to arbitrary sockets as the root user Se puede engañar a Apport para que se conecte a sockets arbitrarios como usuario root • https://ubuntu.com/security/notices/USN-5427-1 https://www.cve.org/CVERecord?id=CVE-2022-1242 •
CVE-2021-3899
https://notcve.org/view.php?id=CVE-2021-3899
There is a race condition in the 'replaced executable' detection that, with the correct local configuration, allow an attacker to execute arbitrary code as root. Existe una condición de ejecución en la detección de 'ejecutable reemplazado' que, con la configuración local correcta, permite a un atacante ejecutar código arbitrario como root. • https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1948376 https://ubuntu.com/security/notices/USN-5427-1 https://www.cve.org/CVERecord?id=CVE-2021-3899 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •