Canonical Apport 2.20.8-0ubuntu6

CPE Details

Canonical Apport 2.20.8-0ubuntu6
canonical
apport
2.20.8-0ubuntu6
2020-08-12
13h25 +00:00
2021-03-22
13h14 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:a:canonical:apport:2.20.8-0ubuntu6:*:*:*:*:*:*:*

Informations

Vendor

canonical

Product

apport

Version

2.20.8-0ubuntu6

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2023-1326 2023-04-13 22h35 +00:00 A privilege escalation attack was found in apport-cli 2.26.0 and earlier which is similar to CVE-2023-26604. If a system is specially configured to allow unprivileged users to run sudo apport-cli, less is configured as the pager, and the terminal size can be set: a local attacker can escalate privilege. It is extremely unlikely that a system administrator would configure sudo to allow unprivileged users to perform this class of exploit.
7.8
Haute
CVE-2020-15702 2020-08-06 22h50 +00:00 TOCTOU Race Condition vulnerability in apport allows a local attacker to escalate privileges and execute arbitrary code. An attacker may exit the crashed process and exploit PID recycling to spawn a root process with the same PID as the crashed process, which can then be used to escalate privileges. Fixed in 2.20.1-0ubuntu2.24, 2.20.9 versions prior to 2.20.9-0ubuntu7.16 and 2.20.11 versions prior to 2.20.11-0ubuntu27.6. Was ZDI-CAN-11234.
7
Haute
CVE-2020-15701 2020-08-06 22h50 +00:00 An unhandled exception in check_ignored() in apport/report.py can be exploited by a local attacker to cause a denial of service. If the mtime attribute is a string value in apport-ignore.xml, it will trigger an unhandled exception, resulting in a crash. Fixed in 2.20.1-0ubuntu2.24, 2.20.9-0ubuntu7.16, 2.20.11-0ubuntu27.6.
5.5
Moyen