IDCVSSSummaryLast (major) updatePublished
CVE-2017-10708 6.8
An issue was discovered in Apport through 2.20.x. In apport/report.py, Apport sets the ExecutablePath field and it then uses the path to run package specific hooks without protecting against path traversal. This allows remote attackers to execute arb
07-08-2017 - 15:16 18-07-2017 - 20:29
CVE-2015-1338 7.2
kernel_crashdump in Apport before 2.19 allows local users to cause a denial of service (disk consumption) or possibly gain privileges via a (1) symlink or (2) hard link attack on /var/crash/vmcore.log.
02-10-2015 - 20:48 01-10-2015 - 20:59
CVE-2017-14177 7.2
Apport through 2.20.7 does not properly handle core dumps from setuid binaries allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion or possibly gain root privileg
15-02-2018 - 13:20 02-02-2018 - 14:29
CVE-2017-14179 7.2
Apport before 2.13 does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion, possibly gain root priv
15-02-2018 - 13:21 02-02-2018 - 14:29
CVE-2019-11483 2.1
Sander Bos discovered Apport mishandled crash dumps originating from containers. This could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user.
24-08-2020 - 17:37 08-02-2020 - 05:15
CVE-2019-11481 6.1
Kevin Backhouse discovered that apport would read a user-supplied configuration file with elevated privileges. By replacing the file with a symbolic link, a user could get apport to read any file on the system as root, with unknown consequences.
12-02-2020 - 21:21 08-02-2020 - 05:15
CVE-2019-11485 2.1
Sander Bos discovered Apport's lock file was in a world-writable directory which allowed all users to prevent crash handling.
30-07-2020 - 18:15 08-02-2020 - 05:15
CVE-2019-11482 1.9
Sander Bos discovered a time of check to time of use (TOCTTOU) vulnerability in apport that allowed a user to cause core files to be written in arbitrary directories.
12-02-2020 - 18:49 08-02-2020 - 05:15
CVE-2016-9949 9.3
An issue was discovered in Apport before 2.20.4. In apport/ui.py, Apport reads the CrashDB field and it then evaluates the field as Python code if it begins with a "{". This allows remote attackers to execute arbitrary Python code.
07-01-2017 - 03:00 17-12-2016 - 03:59
CVE-2016-9951 4.3
An issue was discovered in Apport before 2.20.4. A malicious Apport crash file can contain a restart command in `RespawnCommand` or `ProcCmdline` fields. This command will be executed if a user clicks the Relaunch button on the Apport prompt from the
07-01-2017 - 03:00 17-12-2016 - 03:59
CVE-2016-9950 9.3
An issue was discovered in Apport before 2.20.4. There is a path traversal issue in the Apport crash file "Package" and "SourcePackage" fields. These fields are used to build a path to the package specific hook files in the /usr/share/apport/package-
07-01-2017 - 03:00 17-12-2016 - 03:59
CVE-2019-15790 2.1
Apport reads and writes information on a crashed process to /proc/pid with elevated privileges. Apport then determines which user the crashed process belongs to by reading /proc/pid through get_pid_info() in data/apport. An unprivileged user could ex
14-05-2020 - 00:58 28-04-2020 - 00:15
CVE-2020-8833 1.9
Time-of-check Time-of-use Race Condition vulnerability on crash report ownership change in Apport allows for a possible privilege escalation opportunity. If fs.protected_symlinks is disabled, this can be exploited between the os.open and os.chown cal
24-06-2020 - 21:15 22-04-2020 - 22:15
CVE-2020-8831 2.1
Apport creates a world writable lock file with root ownership in the world writable /var/lock/apport directory. If the apport/ directory does not exist (this is not uncommon as /var/lock is a tmpfs), it will create the directory, otherwise it will si
24-06-2020 - 21:15 22-04-2020 - 22:15
Back to Top Mark selected
Back to Top