CVSS: 6.5EPSS: 0%CPEs: 175EXPL: 1CVE-2021-3710 – Apport info disclosure via path traversal bug in read_file
https://notcve.org/view.php?id=CVE-2021-3710
01 Oct 2021 — An information disclosure via path traversal was discovered in apport/hookutils.py function read_file(). This issue affects: apport 2.14.1 versions prior to 2.14.1-0ubuntu3.29+esm8; 2.20.1 versions prior to 2.20.1-0ubuntu2.30+esm2; 2.20.9 versions prior to 2.20.9-0ubuntu7.26; 2.20.11 versions prior to 2.20.11-0ubuntu27.20; 2.20.11 versions prior to 2.20.11-0ubuntu65.3; Se ha detectado una divulgación de información por medio de un salto de ruta en la función read_file() del archivo apport/hookutils.py. Este... • https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1933832 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-24: Path Traversal: '../filedir' •
CVSS: 6.5EPSS: 0%CPEs: 175EXPL: 1CVE-2021-3709 – Apport file permission bypass through emacs byte compilation errors
https://notcve.org/view.php?id=CVE-2021-3709
14 Sep 2021 — Function check_attachment_for_errors() in file data/general-hooks/ubuntu.py could be tricked into exposing private data via a constructed crash file. This issue affects: apport 2.14.1 versions prior to 2.14.1-0ubuntu3.29+esm8; 2.20.1 versions prior to 2.20.1-0ubuntu2.30+esm2; 2.20.9 versions prior to 2.20.9-0ubuntu7.26; 2.20.11 versions prior to 2.20.11-0ubuntu27.20; 2.20.11 versions prior to 2.20.11-0ubuntu65.3; La función check_attachment_for_errors() en el archivo data/general-hooks/ubuntu.py podría ser ... • https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1934308 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') CWE-538: Insertion of Sensitive Information into Externally-Accessible File or Directory •
CVSS: 7.1EPSS: 0%CPEs: 6EXPL: 1CVE-2021-32557 – apport process_report() arbitrary file write
https://notcve.org/view.php?id=CVE-2021-32557
12 Jun 2021 — It was discovered that the process_report() function in data/whoopsie-upload-all allowed arbitrary file writes via symlinks. Se ha detectado que la función process_report() en la ruta data/whoopsie-upload-all permitía la escritura arbitraria de archivos por medio de enlaces simbólicos • https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904 • CWE-59: Improper Link Resolution Before File Access ('Link Following') CWE-61: UNIX Symbolic Link (Symlink) Following •
CVSS: 3.8EPSS: 0%CPEs: 6EXPL: 0CVE-2021-32556 – apport get_modified_conffiles() function command injection
https://notcve.org/view.php?id=CVE-2021-32556
12 Jun 2021 — It was discovered that the get_modified_conffiles() function in backends/packaging-apt-dpkg.py allowed injecting modified package names in a manner that would confuse the dpkg(1) call. Se ha detectado que la función get_modified_conffiles() en el archivo backends/packaging-apt-dpkg.py permitía inyectar nombres de paquetes modificados de forma que se confundía la llamada a dpkg(1) • https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 5.5EPSS: 0%CPEs: 107EXPL: 1CVE-2020-15701 – Unhandled exception in apport
https://notcve.org/view.php?id=CVE-2020-15701
05 Aug 2020 — An unhandled exception in check_ignored() in apport/report.py can be exploited by a local attacker to cause a denial of service. If the mtime attribute is a string value in apport-ignore.xml, it will trigger an unhandled exception, resulting in a crash. Fixed in 2.20.1-0ubuntu2.24, 2.20.9-0ubuntu7.16, 2.20.11-0ubuntu27.6. Un atacante local puede explotar una excepción no manejada en la función check_ignored() en el archivo apport/report.py para causar una denegación de servicio. Si el atributo mtime es un v... • https://launchpad.net/bugs/1877023 • CWE-755: Improper Handling of Exceptional Conditions •
CVSS: 7.0EPSS: 0%CPEs: 104EXPL: 0CVE-2020-15702 – TOCTOU in apport
https://notcve.org/view.php?id=CVE-2020-15702
05 Aug 2020 — TOCTOU Race Condition vulnerability in apport allows a local attacker to escalate privileges and execute arbitrary code. An attacker may exit the crashed process and exploit PID recycling to spawn a root process with the same PID as the crashed process, which can then be used to escalate privileges. Fixed in 2.20.1-0ubuntu2.24, 2.20.9 versions prior to 2.20.9-0ubuntu7.16 and 2.20.11 versions prior to 2.20.11-0ubuntu27.6. Was ZDI-CAN-11234. La vulnerabilidad de Condición de Carrera TOCTOU en apport permite a... • https://usn.ubuntu.com/4449-1 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-11936 – Canonical Ubuntu apport Unnecessary Privileges Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2020-11936
05 Aug 2020 — gdbus setgid privilege escalation This vulnerability allows local attackers to disclose sensitive information on affected installations of Canonical Ubuntu. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the apport package. The issue results from the use of unnecessary privileges. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute code... • https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1885633 •
CVSS: 7.0EPSS: 0%CPEs: 10EXPL: 2CVE-2019-7307 – Apport contains a TOCTTOU vulnerability when reading the users ~/.apport-ignore.xml
https://notcve.org/view.php?id=CVE-2019-7307
09 Jul 2019 — Apport before versions 2.14.1-0ubuntu3.29+esm1, 2.20.1-0ubuntu2.19, 2.20.9-0ubuntu7.7, 2.20.10-0ubuntu27.1, 2.20.11-0ubuntu5 contained a TOCTTOU vulnerability when reading the users ~/.apport-ignore.xml file, which allows a local attacker to replace this file with a symlink to any other file on the system and so cause Apport to include the contents of this other file in the resulting crash report. The crash report could then be read by that user either by causing it to be uploaded and reported to Launchpad,... • https://packetstorm.news/files/id/172858 • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0CVE-2018-6552 – Apport treats the container PID as the global PID when /proc/<global_pid>/ is missing
https://notcve.org/view.php?id=CVE-2018-6552
31 May 2018 — Apport does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion, possibly gain root privileges, or escape from containers. The is_same_ns() function returns True when /proc/
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2017-14180 – Ubuntu Security Notice USN-3480-2
https://notcve.org/view.php?id=CVE-2017-14180
16 Nov 2017 — Apport 2.13 through 2.20.7 does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion or possibly gain root privileges, a different vulnerability than CVE-2017-14179. Apport 2.13 hasta la versión 2.20.7 no gestiona adecuadamente los cierres inesperados provenientes de un espacio de nombre PID, lo que permite que los usuarios locales creen ciertos archivos como r... • https://bazaar.launchpad.net/~apport-hackers/apport/trunk/revision/3171 • CWE-400: Uncontrolled Resource Consumption •