Search CVE reports
1 – 10 of 53 results
Race condition in Canonical apport up to and including 2.32.0 allows a local attacker to leak sensitive information via PID-reuse by leveraging namespaces. When handling a crash, the function `_check_global_pid_and_forward`,...
1 affected package
apport
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| apport | Fixed | Fixed | Fixed | Fixed |
A privilege escalation attack was found in apport-cli 2.26.0 and earlier which is similar to CVE-2023-26604. If a system is specially configured to allow unprivileged users to run sudo apport-cli, less is configured as the pager,...
1 affected package
apport
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| apport | — | Fixed | Fixed | Fixed |
Some fixes available 11 of 12
Apport argument parsing mishandles filename splitting on older kernels resulting in argument spoofing
1 affected package
apport
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| apport | Fixed | Fixed | Fixed | Fixed |
Some fixes available 11 of 12
Apport does not disable python crash handler before entering chroot
1 affected package
apport
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| apport | Fixed | Fixed | Fixed | Fixed |
Some fixes available 11 of 12
is_closing_session() allows users to consume RAM in the Apport process
1 affected package
apport
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| apport | Fixed | Fixed | Fixed | Fixed |
Some fixes available 11 of 12
is_closing_session() allows users to create arbitrary tcp dbus connections
1 affected package
apport
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| apport | Fixed | Fixed | Fixed | Fixed |
Some fixes available 11 of 12
is_closing_session() allows users to fill up apport.log
1 affected package
apport
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| apport | Fixed | Fixed | Fixed | Fixed |
Users can consume unlimited disk space in /var/crash
1 affected package
apport
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| apport | Ignored | Ignored | Ignored | Ignored |
Some fixes available 11 of 12
~/.config/apport/settings parsing is vulnerable to "billion laughs" attack
1 affected package
apport
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| apport | Fixed | Fixed | Fixed | Fixed |
Some fixes available 11 of 12
Apport can be tricked into connecting to arbitrary sockets as the root user
1 affected package
apport
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| apport | Fixed | Fixed | Fixed | Fixed |