CVSS: 4.7EPSS: 0%CPEs: 6EXPL: 0CVE-2019-11482 – Race condition between reading current working directory and writing a core dump
https://notcve.org/view.php?id=CVE-2019-11482
30 Oct 2019 — Sander Bos discovered a time of check to time of use (TOCTTOU) vulnerability in apport that allowed a user to cause core files to be written in arbitrary directories. Sander Bos detectó una vulnerabilidad de tiempo de comprobación a tiempo de uso (TOCTTOU) en Apport que permitía al usuario causar que los archivos principales se escribieran en directorios arbitrarios. USN-4171-1 fixed vulnerabilities in Apport. The update caused a regression when handling configuration files. This update fixes the problem, a... • https://usn.ubuntu.com/usn/usn-4171-1 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.0EPSS: 0%CPEs: 6EXPL: 0CVE-2019-11483 – Ubuntu Security Notice USN-4171-6
https://notcve.org/view.php?id=CVE-2019-11483
30 Oct 2019 — Sander Bos discovered Apport mishandled crash dumps originating from containers. This could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user. Sander Bos detectó que Apport manejó inapropiadamente los vertederos accidentales procedentes de contenedores. Esto podría ser utilizado por un atacante local para generar un reporte de bloqueo para un proceso privilegiado que pueda ser leído por un usuario no privilegiado. USN-4171-1 fixed vulner... • https://usn.ubuntu.com/usn/usn-4171-1 •
CVSS: 3.3EPSS: 0%CPEs: 6EXPL: 0CVE-2019-11485 – apport created lock file in wrong directory
https://notcve.org/view.php?id=CVE-2019-11485
30 Oct 2019 — Sander Bos discovered Apport's lock file was in a world-writable directory which allowed all users to prevent crash handling. Sander Bos detectó que el archivo de bloqueo de Apport estaba en un directorio de tipo world-writable que permitía a todos los usuarios impedir el manejo de bloqueos. USN-4171-1 fixed vulnerabilities in Apport. The update caused a regression when handling configuration files. This update fixes the problem, and also introduces further hardening measures. • https://usn.ubuntu.com/usn/usn-4171-1 • CWE-412: Unrestricted Externally Accessible Lock •
CVSS: 7.0EPSS: 0%CPEs: 10EXPL: 2CVE-2019-7307 – Apport contains a TOCTTOU vulnerability when reading the users ~/.apport-ignore.xml
https://notcve.org/view.php?id=CVE-2019-7307
09 Jul 2019 — Apport before versions 2.14.1-0ubuntu3.29+esm1, 2.20.1-0ubuntu2.19, 2.20.9-0ubuntu7.7, 2.20.10-0ubuntu27.1, 2.20.11-0ubuntu5 contained a TOCTTOU vulnerability when reading the users ~/.apport-ignore.xml file, which allows a local attacker to replace this file with a symlink to any other file on the system and so cause Apport to include the contents of this other file in the resulting crash report. The crash report could then be read by that user either by causing it to be uploaded and reported to Launchpad,... • https://packetstorm.news/files/id/172858 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2018-6552 – Apport treats the container PID as the global PID when /proc/<global_pid>/ is missing
https://notcve.org/view.php?id=CVE-2018-6552
31 May 2018 — Apport does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion, possibly gain root privileges, or escape from containers. The is_same_ns() function returns True when /proc/
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2017-14179
https://notcve.org/view.php?id=CVE-2017-14179
02 Feb 2018 — Apport before 2.13 does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion, possibly gain root privileges, or escape from containers. Apport, en versiones anteriores a la 2.13, no gestiona adecuadamente los cierres inesperados provenientes de un espacio de nombre PID, lo que permite que los usuarios locales creen ciertos archivos como root. Un atacante podría... • https://launchpad.net/bugs/1726372 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2017-14177 – Ubuntu Security Notice USN-3480-2
https://notcve.org/view.php?id=CVE-2017-14177
16 Nov 2017 — Apport through 2.20.7 does not properly handle core dumps from setuid binaries allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion or possibly gain root privileges. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1324. Apport, hasta la versión 2.20.7, no gestiona adecuadamente lo volcados de núcleo de binarios setuid, lo que permite que los usuarios locales creen ciertos archivos como root. Un ... • https://bazaar.launchpad.net/~apport-hackers/apport/trunk/revision/3171 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2017-14180 – Ubuntu Security Notice USN-3480-2
https://notcve.org/view.php?id=CVE-2017-14180
16 Nov 2017 — Apport 2.13 through 2.20.7 does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion or possibly gain root privileges, a different vulnerability than CVE-2017-14179. Apport 2.13 hasta la versión 2.20.7 no gestiona adecuadamente los cierres inesperados provenientes de un espacio de nombre PID, lo que permite que los usuarios locales creen ciertos archivos como r... • https://bazaar.launchpad.net/~apport-hackers/apport/trunk/revision/3171 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2017-10708
https://notcve.org/view.php?id=CVE-2017-10708
18 Jul 2017 — An issue was discovered in Apport through 2.20.x. In apport/report.py, Apport sets the ExecutablePath field and it then uses the path to run package specific hooks without protecting against path traversal. This allows remote attackers to execute arbitrary code via a crafted .crash file. Fue detectado un problema en Apport hasta la versión 2.20.x. En el archivo apport/report.py, Apport establece el campo ExecutablePath y, a entonces, usa la ruta (path) de acceso para ejecutar enlaces específicos del paquete... • https://launchpad.net/bugs/1700573 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.3EPSS: 16%CPEs: 2EXPL: 3CVE-2016-9949 – Apport 2.x (Ubuntu Desktop 12.10 < 16.04) - Local Code Execution
https://notcve.org/view.php?id=CVE-2016-9949
15 Dec 2016 — An issue was discovered in Apport before 2.20.4. In apport/ui.py, Apport reads the CrashDB field and it then evaluates the field as Python code if it begins with a "{". This allows remote attackers to execute arbitrary Python code. Un problema fue descubierto en Apport en versiones anteriores a 2.20.4. En apport/ui.py, Apport lee el campo CashDB y después evalúa el campo como código Python si comienza con un "{". • https://packetstorm.news/files/id/140207 • CWE-94: Improper Control of Generation of Code ('Code Injection') •