CVE-2017-14180
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Apport 2.13 through 2.20.7 does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion or possibly gain root privileges, a different vulnerability than CVE-2017-14179.
Apport 2.13 hasta la versión 2.20.7 no gestiona adecuadamente los cierres inesperados provenientes de un espacio de nombre PID, lo que permite que los usuarios locales creen ciertos archivos como root. Un atacante podría aprovechar estos archivos para realizar una denegación de servicio (DoS) mediante el agotamiento de recursos o, posiblemente, obtener privilegios root. Esta vulnerabilidad es diferente de CVE-2017-14179.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2017-09-07 CVE Reserved
- 2017-11-16 CVE Published
- 2023-03-08 EPSS Updated
- 2024-09-16 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-400: Uncontrolled Resource Consumption
CAPEC
References (4)
URL | Tag | Source |
---|---|---|
https://bazaar.launchpad.net/~apport-hackers/apport/trunk/revision/3171 | Issue Tracking | |
https://launchpad.net/bugs/1726372 | Issue Tracking | |
https://people.canonical.com/~ubuntu-security/cve/?cve=CVE-2017-14180 | Third Party Advisory |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://usn.ubuntu.com/usn/usn-3480-1 | 2018-02-15 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Apport Project Search vendor "Apport Project" | Apport Search vendor "Apport Project" for product "Apport" | >= 2.13 <= 2.20.7 Search vendor "Apport Project" for product "Apport" and version " >= 2.13 <= 2.20.7" | - |
Affected
| ||||||
Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 14.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "14.04" | lts |
Affected
| ||||||
Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 16.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "16.04" | lts |
Affected
| ||||||
Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 17.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "17.04" | - |
Affected
| ||||||
Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 17.10 Search vendor "Canonical" for product "Ubuntu Linux" and version "17.10" | - |
Affected
| ||||||
Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 18.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "18.04" | lts |
Affected
|