CVE-2019-7307
Apport contains a TOCTTOU vulnerability when reading the users ~/.apport-ignore.xml
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
Apport before versions 2.14.1-0ubuntu3.29+esm1, 2.20.1-0ubuntu2.19, 2.20.9-0ubuntu7.7, 2.20.10-0ubuntu27.1, 2.20.11-0ubuntu5 contained a TOCTTOU vulnerability when reading the users ~/.apport-ignore.xml file, which allows a local attacker to replace this file with a symlink to any other file on the system and so cause Apport to include the contents of this other file in the resulting crash report. The crash report could then be read by that user either by causing it to be uploaded and reported to Launchpad, or by leveraging some other vulnerability to read the resulting crash report, and so allow the user to read arbitrary files on the system.
Apport versiones anteriores a 2.14.1-0ubuntu3.29 + esm1, 2.20.1-0ubuntu2.19, 2.20.9-0ubuntu7.7, 2.20.10-0ubuntu27.1, 2.20.11-0ubuntu5 contenían una vulnerabilidad TOCTTOU cuando leen los usuarios el archivo ~/.apport-ignore.xml, que permite a un atacante local reemplazar este archivo con un enlace simbólico en cualquier otro archivo sobre el sistema y, por lo tanto, causar que Apport incluya el contenido de este otro archivo en el reporte del bloqueo resultante. El reporte de bloqueo podría ser leído por ese usuario provocando que sea cargado y reportado para Launchpad, o aprovechando alguna otra vulnerabilidad para leer el reporte de bloqueo resultante, y así permitir al usuario leer archivos arbitrarios en el sistema.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-02-01 CVE Reserved
- 2019-07-09 CVE Published
- 2023-03-08 EPSS Updated
- 2024-09-16 CVE Updated
- 2024-09-16 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition
CAPEC
References (3)
URL | Tag | Source |
---|---|---|
http://packetstormsecurity.com/files/172858/Ubuntu-Apport-Whoopsie-DoS-Integer-Overflow.html |
URL | Date | SRC |
---|---|---|
https://bugs.launchpad.net/ubuntu/%2Bsource/apport/%2Bbug/1830858 | 2024-09-16 |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-7307.html | 2023-06-12 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Apport Project Search vendor "Apport Project" | Apport Search vendor "Apport Project" for product "Apport" | 2.14.1 Search vendor "Apport Project" for product "Apport" and version "2.14.1" | - |
Affected
| in | Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 14.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "14.04" | esm |
Safe
|
Apport Project Search vendor "Apport Project" | Apport Search vendor "Apport Project" for product "Apport" | 2.20.1 Search vendor "Apport Project" for product "Apport" and version "2.20.1" | - |
Affected
| in | Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 16.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "16.04" | lts |
Safe
|
Apport Project Search vendor "Apport Project" | Apport Search vendor "Apport Project" for product "Apport" | 2.20.9 Search vendor "Apport Project" for product "Apport" and version "2.20.9" | - |
Affected
| in | Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 18.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "18.04" | lts |
Safe
|
Apport Project Search vendor "Apport Project" | Apport Search vendor "Apport Project" for product "Apport" | 2.20.10 Search vendor "Apport Project" for product "Apport" and version "2.20.10" | - |
Affected
| in | Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 19.10 Search vendor "Canonical" for product "Ubuntu Linux" and version "19.10" | - |
Safe
|
Apport Project Search vendor "Apport Project" | Apport Search vendor "Apport Project" for product "Apport" | 2.20.10 Search vendor "Apport Project" for product "Apport" and version "2.20.10" | - |
Affected
| in | Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 19.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "19.04" | - |
Safe
|