Search criteria
66 vulnerabilities found for apport by Canonical
CVE-2025-5467 (GCVE-0-2025-5467)
Vulnerability from nvd – Published: 2025-12-10 18:00 – Updated: 2025-12-10 18:45
VLAI?
Title
Ubuntu Apport Insecure File Permissions Vulnerability
Summary
It was discovered that process_crash() in data/apport in Canonical's Apport crash reporting tool may create crash files with incorrect group ownership, possibly exposing crash information beyond expected or intended groups.
Severity ?
CWE
- CWE-708 - Incorrect Ownership Assignment
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Canonical | apport |
Affected:
2.20.11-0ubuntu82 , < 2.20.11-0ubuntu82.7
(dpkg)
Affected: 2.32.0 , < 2.32.0-0ubuntu5.1 (dpkg) Affected: 2.20.9 , < 2.20.9-0ubuntu7.29+esm1 (dpkg) Affected: 2.28.1 , < 2.28.1-0ubuntu3.6 (dpkg) Affected: 2.33.0 , < 2.33.0-0ubuntu1 (dpkg) Affected: 2.20.1 , < 2.20.1-0ubuntu2.30+esm5 (dpkg) Affected: 2.20.11-0ubuntu27 , < 2.20.11-0ubuntu27.28 (dpkg) |
Credits
Rich Mirch
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5467",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-10T18:33:45.578963Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-10T18:45:08.960Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://launchpad.net/ubuntu/+source/",
"defaultStatus": "unaffected",
"packageName": "apport",
"product": "apport",
"programFiles": [
"data/apport"
],
"programRoutines": [
{
"name": "process_crash()"
}
],
"vendor": "Canonical",
"versions": [
{
"lessThan": "2.20.11-0ubuntu82.7",
"status": "affected",
"version": "2.20.11-0ubuntu82",
"versionType": "dpkg"
},
{
"lessThan": "2.32.0-0ubuntu5.1",
"status": "affected",
"version": "2.32.0",
"versionType": "dpkg"
},
{
"lessThan": "2.20.9-0ubuntu7.29+esm1",
"status": "affected",
"version": "2.20.9",
"versionType": "dpkg"
},
{
"lessThan": "2.28.1-0ubuntu3.6",
"status": "affected",
"version": "2.28.1",
"versionType": "dpkg"
},
{
"lessThan": "2.33.0-0ubuntu1",
"status": "affected",
"version": "2.33.0",
"versionType": "dpkg"
},
{
"lessThan": "2.20.1-0ubuntu2.30+esm5",
"status": "affected",
"version": "2.20.1",
"versionType": "dpkg"
},
{
"lessThan": "2.20.11-0ubuntu27.28",
"status": "affected",
"version": "2.20.11-0ubuntu27",
"versionType": "dpkg"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Rich Mirch"
}
],
"datePublic": "2025-06-02T17:36:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "It was discovered that process_crash() in data/apport in Canonical\u0027s Apport crash reporting tool may create crash files with incorrect group ownership, possibly exposing crash information beyond expected or intended groups."
}
],
"value": "It was discovered that process_crash() in data/apport in Canonical\u0027s Apport crash reporting tool may create crash files with incorrect group ownership, possibly exposing crash information beyond expected or intended groups."
}
],
"impacts": [
{
"capecId": "CAPEC-639",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-639: Probe System Files"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 1.9,
"baseSeverity": "LOW",
"exploitMaturity": "PROOF_OF_CONCEPT",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-708",
"description": "CWE-708: Incorrect Ownership Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-10T18:00:35.967Z",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"url": "https://www.stratascale.com/resource/cve-2025-32462-ubuntu-apport-vulnerability/"
},
{
"url": "https://bugs.launchpad.net/apport/+bug/2106338"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Ubuntu Apport Insecure File Permissions Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2025-5467",
"datePublished": "2025-12-10T18:00:35.967Z",
"dateReserved": "2025-06-02T12:03:56.269Z",
"dateUpdated": "2025-12-10T18:45:08.960Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-5054 (GCVE-0-2025-5054)
Vulnerability from nvd – Published: 2025-05-30 17:37 – Updated: 2025-11-03 20:05
VLAI?
Title
Race Condition in Canonical Apport
Summary
Race condition in Canonical apport up to and including 2.32.0 allows a local attacker to leak sensitive information via PID-reuse by leveraging namespaces.
When handling a crash, the function `_check_global_pid_and_forward`, which detects if the crashing process resided in a container, was being called before `consistency_checks`, which attempts to detect if the crashing process had been replaced. Because of this, if a process crashed and was quickly replaced with a containerized one, apport could be made to forward the core dump to the container, potentially leaking sensitive information. `consistency_checks` is now being called before `_check_global_pid_and_forward`. Additionally, given that the PID-reuse race condition cannot be reliably detected from userspace alone, crashes are only forwarded to containers if the kernel provided a pidfd, or if the crashing process was unprivileged (i.e., if dump mode == 1).
Severity ?
4.7 (Medium)
CWE
- CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Canonical | Apport |
Affected:
2.20.1 , < 2.20.1-0ubuntu2.30+esm5
(dpkg)
Affected: 2.20.9 , < 2.20.9-0ubuntu7.29+esm1 (dpkg) Affected: 2.20.11 , < 2.20.11-0ubuntu27.28 (dpkg) Affected: 2.20.11 , < 2.20.11-0ubuntu82.7 (dpkg) Affected: 2.28.1 , < 2.28.1-0ubuntu3.6 (dpkg) Affected: 2.30.0 , < 2.30.0-0ubuntu4.3 (dpkg) Affected: 2.32.0 , < 2.32.0-0ubuntu5.1 (dpkg) Affected: 2.32.0 , < 2.33.0-0ubuntu1 (dpkg) Affected: 2.20 , ≤ 2.32.0 (semver) |
Credits
Qualys Threat Research Unit (TRU)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5054",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-30T17:59:23.055492Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-30T17:59:52.521Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T20:05:43.609Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://seclists.org/fulldisclosure/2025/Jun/9"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://launchpad.net/apport",
"defaultStatus": "unaffected",
"packageName": "apport",
"platforms": [
"Linux"
],
"product": "Apport",
"repo": "https://git.launchpad.net/apport",
"vendor": "Canonical",
"versions": [
{
"lessThan": "2.20.1-0ubuntu2.30+esm5",
"status": "affected",
"version": "2.20.1",
"versionType": "dpkg"
},
{
"lessThan": "2.20.9-0ubuntu7.29+esm1",
"status": "affected",
"version": "2.20.9",
"versionType": "dpkg"
},
{
"lessThan": "2.20.11-0ubuntu27.28",
"status": "affected",
"version": "2.20.11",
"versionType": "dpkg"
},
{
"lessThan": "2.20.11-0ubuntu82.7",
"status": "affected",
"version": "2.20.11",
"versionType": "dpkg"
},
{
"lessThan": "2.28.1-0ubuntu3.6",
"status": "affected",
"version": "2.28.1",
"versionType": "dpkg"
},
{
"lessThan": "2.30.0-0ubuntu4.3",
"status": "affected",
"version": "2.30.0",
"versionType": "dpkg"
},
{
"lessThan": "2.32.0-0ubuntu5.1",
"status": "affected",
"version": "2.32.0",
"versionType": "dpkg"
},
{
"lessThan": "2.33.0-0ubuntu1",
"status": "affected",
"version": "2.32.0",
"versionType": "dpkg"
},
{
"lessThanOrEqual": "2.32.0",
"status": "affected",
"version": "2.20",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Qualys Threat Research Unit (TRU)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eRace condition in Canonical apport up to and including 2.32.0 allows a local attacker to leak sensitive information via PID-reuse by leveraging namespaces.\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003eWhen handling a crash, the function `_check_global_pid_and_forward`, which detects if the crashing process resided in a container, was being called before `consistency_checks`, which attempts to detect if the crashing process had been replaced. Because of this, if a process crashed and was quickly replaced with a containerized one, apport could be made to forward the core dump to the container, potentially leaking sensitive information. `consistency_checks` is now being called before `_check_global_pid_and_forward`. Additionally, given that the PID-reuse race condition cannot be reliably detected from userspace alone, crashes are only forwarded to containers if the kernel provided a pidfd, or if the crashing process was unprivileged (i.e., if dump mode == 1).\u003c/div\u003e"
}
],
"value": "Race condition in Canonical apport up to and including 2.32.0 allows a local attacker to leak sensitive information via PID-reuse by leveraging namespaces.\n\n\n\n\nWhen handling a crash, the function `_check_global_pid_and_forward`, which detects if the crashing process resided in a container, was being called before `consistency_checks`, which attempts to detect if the crashing process had been replaced. Because of this, if a process crashed and was quickly replaced with a containerized one, apport could be made to forward the core dump to the container, potentially leaking sensitive information. `consistency_checks` is now being called before `_check_global_pid_and_forward`. Additionally, given that the PID-reuse race condition cannot be reliably detected from userspace alone, crashes are only forwarded to containers if the kernel provided a pidfd, or if the crashing process was unprivileged (i.e., if dump mode == 1)."
}
],
"impacts": [
{
"capecId": "CAPEC-26",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-26 Leveraging Race Conditions"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-362",
"description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-09T16:23:28.514Z",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://ubuntu.com/security/notices/USN-7545-1"
},
{
"tags": [
"vdb-entry"
],
"url": "https://ubuntu.com/security/CVE-2025-5054"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.qualys.com/2025/05/29/apport-coredump/apport-coredump.txt"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Race Condition in Canonical Apport"
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2025-5054",
"datePublished": "2025-05-30T17:37:01.006Z",
"dateReserved": "2025-05-21T14:00:55.371Z",
"dateUpdated": "2025-11-03T20:05:43.609Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2020-11936 (GCVE-0-2020-11936)
Vulnerability from nvd – Published: 2025-01-31 01:18 – Updated: 2025-02-07 16:08
VLAI?
Summary
gdbus setgid privilege escalation
Severity ?
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Canonical Ltd. | Apport |
Affected:
0 , < 2.20.11-0ubuntu27.6
(semver)
|
Credits
Ryota Shiga
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-11936",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-07T15:58:53.328091Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-07T16:08:28.466Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"packageName": "apport",
"platforms": [
"Linux"
],
"product": "Apport",
"repo": "https://github.com/canonical/apport",
"vendor": "Canonical Ltd.",
"versions": [
{
"lessThan": "2.20.11-0ubuntu27.6",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ryota Shiga"
}
],
"descriptions": [
{
"lang": "en",
"value": "gdbus setgid privilege escalation"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-31T01:34:55.184Z",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"tags": [
"issue-tracking"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1885633"
},
{
"tags": [
"issue-tracking"
],
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11936"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2020-11936",
"datePublished": "2025-01-31T01:18:21.509Z",
"dateReserved": "2020-04-20T00:00:00.000Z",
"dateUpdated": "2025-02-07T16:08:28.466Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-28653 (GCVE-0-2022-28653)
Vulnerability from nvd – Published: 2025-01-31 00:50 – Updated: 2025-02-07 15:56
VLAI?
Summary
Users can consume unlimited disk space in /var/crash
Severity ?
7.5 (High)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Canonical Ltd. | Apport |
Affected:
0 , < 2.21.0
(semver)
|
Credits
Gerrit Venema
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-28653",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-07T15:56:07.428006Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-07T15:56:12.162Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"packageName": "apport",
"platforms": [
"Linux"
],
"product": "Apport",
"repo": "https://github.com/canonical/apport",
"vendor": "Canonical Ltd.",
"versions": [
{
"lessThan": "2.21.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Gerrit Venema"
}
],
"descriptions": [
{
"lang": "en",
"value": "Users can consume unlimited disk space in /var/crash"
}
],
"providerMetadata": {
"dateUpdated": "2025-01-31T00:50:49.677Z",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"tags": [
"issue-tracking"
],
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28653"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2022-28653",
"datePublished": "2025-01-31T00:50:49.677Z",
"dateReserved": "2022-04-05T02:16:30.819Z",
"dateUpdated": "2025-02-07T15:56:12.162Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-1242 (GCVE-0-2022-1242)
Vulnerability from nvd – Published: 2024-06-03 18:48 – Updated: 2025-03-27 19:31
VLAI?
Summary
Apport can be tricked into connecting to arbitrary sockets as the root user
Severity ?
7.8 (High)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Canonical Ltd. | Apport |
Affected:
0 , < 2.21.0
(semver)
|
Credits
Gerrit Venema
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-1242",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-04T20:28:52.542056Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-27T19:31:12.082Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:55:24.448Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://ubuntu.com/security/notices/USN-5427-1"
},
{
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1242"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"packageName": "apport",
"platforms": [
"Linux"
],
"product": "Apport",
"repo": "https://github.com/canonical/apport",
"vendor": "Canonical Ltd.",
"versions": [
{
"lessThan": "2.21.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Gerrit Venema"
}
],
"descriptions": [
{
"lang": "en",
"value": "Apport can be tricked into connecting to arbitrary sockets as the root user"
}
],
"providerMetadata": {
"dateUpdated": "2024-06-03T18:48:02.281Z",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://ubuntu.com/security/notices/USN-5427-1"
},
{
"tags": [
"issue-tracking"
],
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1242"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2022-1242",
"datePublished": "2024-06-03T18:48:02.281Z",
"dateReserved": "2022-04-05T14:45:10.551Z",
"dateUpdated": "2025-03-27T19:31:12.082Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-3899 (GCVE-0-2021-3899)
Vulnerability from nvd – Published: 2024-06-03 18:40 – Updated: 2024-08-19 14:10
VLAI?
Summary
There is a race condition in the 'replaced executable' detection that, with the correct local configuration, allow an attacker to execute arbitrary code as root.
Severity ?
7.8 (High)
CWE
- CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Canonical Ltd. | Apport |
Affected:
0 , < 2.21.0
(semver)
|
Credits
Muqing Liu from Singurlar Security Lab
neoni
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:09:09.767Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1948376"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://ubuntu.com/security/notices/USN-5427-1"
},
{
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3899"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:apport:apport:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "apport",
"vendor": "apport",
"versions": [
{
"lessThan": "2.21.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2021-3899",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-19T14:09:25.391252Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-367",
"description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-19T14:10:41.358Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"packageName": "apport",
"platforms": [
"Linux"
],
"product": "Apport",
"repo": "https://github.com/canonical/apport",
"vendor": "Canonical Ltd.",
"versions": [
{
"lessThan": "2.21.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Muqing Liu from Singurlar Security Lab"
},
{
"lang": "en",
"type": "finder",
"value": "neoni"
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a race condition in the \u0027replaced executable\u0027 detection that, with the correct local configuration, allow an attacker to execute arbitrary code as root."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-03T18:40:32.847Z",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"tags": [
"issue-tracking"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1948376"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://ubuntu.com/security/notices/USN-5427-1"
},
{
"tags": [
"issue-tracking"
],
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3899"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2021-3899",
"datePublished": "2024-06-03T18:40:32.847Z",
"dateReserved": "2021-10-23T01:51:35.297Z",
"dateUpdated": "2024-08-19T14:10:41.358Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-1326 (GCVE-0-2023-1326)
Vulnerability from nvd – Published: 2023-04-13 22:35 – Updated: 2025-02-07 15:54
VLAI?
Title
local privilege escalation in apport-cli
Summary
A privilege escalation attack was found in apport-cli 2.26.0 and earlier which is similar to CVE-2023-26604. If a system is specially configured to allow unprivileged users to run sudo apport-cli, less is configured as the pager, and the terminal size can be set: a local attacker can escalate privilege. It is extremely unlikely that a system administrator would configure sudo to allow unprivileged users to perform this class of exploit.
Severity ?
7.7 (High)
CWE
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Canonical Ltd. | Apport |
Affected:
0 , ≤ 2.26.0
(semver)
|
Credits
Chen Lu
Lei Wang
YiQi Sun
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:40:59.987Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"patch",
"x_transferred"
],
"url": "https://github.com/canonical/apport/commit/e5f78cc89f1f5888b6a56b785dddcb0364c48ecb"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://ubuntu.com/security/notices/USN-6018-1"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-1326",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-07T15:54:40.471465Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-07T15:54:48.365Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/canonical/apport/tags",
"packageName": "apport",
"platforms": [
"Linux"
],
"product": "Apport",
"repo": "https://github.com/canonical/apport/",
"vendor": "Canonical Ltd.",
"versions": [
{
"lessThanOrEqual": "2.26.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Chen Lu"
},
{
"lang": "en",
"type": "finder",
"value": "Lei Wang"
},
{
"lang": "en",
"type": "finder",
"value": "YiQi Sun"
}
],
"datePublic": "2023-04-13T12:33:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A privilege escalation attack was found in apport-cli 2.26.0 and earlier which is similar to CVE-2023-26604. If a system is specially configured to allow unprivileged users to run sudo apport-cli, less is configured as the pager, and the terminal size can be set: a local attacker can escalate privilege. It is extremely unlikely that a system administrator would configure sudo to allow unprivileged users to perform this class of exploit."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-18T14:55:54.874Z",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://github.com/canonical/apport/commit/e5f78cc89f1f5888b6a56b785dddcb0364c48ecb"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://ubuntu.com/security/notices/USN-6018-1"
}
],
"title": "local privilege escalation in apport-cli"
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2023-1326",
"datePublished": "2023-04-13T22:35:19.704Z",
"dateReserved": "2023-03-10T16:17:04.430Z",
"dateUpdated": "2025-02-07T15:54:48.365Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-3710 (GCVE-0-2021-3710)
Vulnerability from nvd – Published: 2021-10-01 02:35 – Updated: 2024-09-17 01:41
VLAI?
Title
Apport info disclosure via path traversal bug in read_file
Summary
An information disclosure via path traversal was discovered in apport/hookutils.py function read_file(). This issue affects: apport 2.14.1 versions prior to 2.14.1-0ubuntu3.29+esm8; 2.20.1 versions prior to 2.20.1-0ubuntu2.30+esm2; 2.20.9 versions prior to 2.20.9-0ubuntu7.26; 2.20.11 versions prior to 2.20.11-0ubuntu27.20; 2.20.11 versions prior to 2.20.11-0ubuntu65.3;
Severity ?
6.5 (Medium)
CWE
- CWE-24 - Path Traversal: '../filedir'
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
Credits
Stephen Röttger (@_tsuro)
Maik Münch (maik@secfault-security.com)(@fktio)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:01:08.314Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ubuntu.com/security/notices/USN-5077-1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ubuntu.com/security/notices/USN-5077-2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3710"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1933832"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "apport",
"vendor": "Canonical",
"versions": [
{
"lessThan": "2.14.1-0ubuntu3.29+esm8",
"status": "affected",
"version": "2.14.1",
"versionType": "custom"
},
{
"lessThan": "2.20.1-0ubuntu2.30+esm2",
"status": "affected",
"version": "2.20.1",
"versionType": "custom"
},
{
"lessThan": "2.20.9-0ubuntu7.26",
"status": "affected",
"version": "2.20.9",
"versionType": "custom"
},
{
"changes": [
{
"at": "2.20.11-0ubuntu65.3",
"status": "unaffected"
}
],
"lessThan": "2.20.11-0ubuntu27.20",
"status": "affected",
"version": "2.20.11",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Stephen R\u00f6ttger (@_tsuro)"
},
{
"lang": "en",
"value": "Maik M\u00fcnch (maik@secfault-security.com)(@fktio)"
}
],
"datePublic": "2021-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An information disclosure via path traversal was discovered in apport/hookutils.py function read_file(). This issue affects: apport 2.14.1 versions prior to 2.14.1-0ubuntu3.29+esm8; 2.20.1 versions prior to 2.20.1-0ubuntu2.30+esm2; 2.20.9 versions prior to 2.20.9-0ubuntu7.26; 2.20.11 versions prior to 2.20.11-0ubuntu27.20; 2.20.11 versions prior to 2.20.11-0ubuntu65.3;"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-24",
"description": "CWE-24 Path Traversal: \u0027../filedir\u0027",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-01T02:35:22",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ubuntu.com/security/notices/USN-5077-1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ubuntu.com/security/notices/USN-5077-2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3710"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1933832"
}
],
"source": {
"advisory": "https://ubuntu.com/security/notices/USN-5077-1",
"defect": [
"https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1933832"
],
"discovery": "EXTERNAL"
},
"title": "Apport info disclosure via path traversal bug in read_file",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"DATE_PUBLIC": "2021-09-14T00:00:00.000Z",
"ID": "CVE-2021-3710",
"STATE": "PUBLIC",
"TITLE": "Apport info disclosure via path traversal bug in read_file"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "apport",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "2.14.1",
"version_value": "2.14.1-0ubuntu3.29+esm8"
},
{
"version_affected": "\u003c",
"version_name": "2.20.1",
"version_value": "2.20.1-0ubuntu2.30+esm2"
},
{
"version_affected": "\u003c",
"version_name": "2.20.9",
"version_value": "2.20.9-0ubuntu7.26"
},
{
"version_affected": "\u003c",
"version_name": "2.20.11",
"version_value": "2.20.11-0ubuntu27.20"
},
{
"version_affected": "\u003c",
"version_name": "2.20.11",
"version_value": "2.20.11-0ubuntu65.3"
}
]
}
}
]
},
"vendor_name": "Canonical"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Stephen R\u00f6ttger (@_tsuro)"
},
{
"lang": "eng",
"value": "Maik M\u00fcnch (maik@secfault-security.com)(@fktio)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure via path traversal was discovered in apport/hookutils.py function read_file(). This issue affects: apport 2.14.1 versions prior to 2.14.1-0ubuntu3.29+esm8; 2.20.1 versions prior to 2.20.1-0ubuntu2.30+esm2; 2.20.9 versions prior to 2.20.9-0ubuntu7.26; 2.20.11 versions prior to 2.20.11-0ubuntu27.20; 2.20.11 versions prior to 2.20.11-0ubuntu65.3;"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-24 Path Traversal: \u0027../filedir\u0027"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ubuntu.com/security/notices/USN-5077-1",
"refsource": "MISC",
"url": "https://ubuntu.com/security/notices/USN-5077-1"
},
{
"name": "https://ubuntu.com/security/notices/USN-5077-2",
"refsource": "MISC",
"url": "https://ubuntu.com/security/notices/USN-5077-2"
},
{
"name": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3710",
"refsource": "MISC",
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3710"
},
{
"name": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1933832",
"refsource": "MISC",
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1933832"
}
]
},
"source": {
"advisory": "https://ubuntu.com/security/notices/USN-5077-1",
"defect": [
"https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1933832"
],
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2021-3710",
"datePublished": "2021-10-01T02:35:22.911127Z",
"dateReserved": "2021-08-16T00:00:00",
"dateUpdated": "2024-09-17T01:41:25.529Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-3709 (GCVE-0-2021-3709)
Vulnerability from nvd – Published: 2021-10-01 02:35 – Updated: 2024-09-16 23:31
VLAI?
Title
Apport file permission bypass through emacs byte compilation errors
Summary
Function check_attachment_for_errors() in file data/general-hooks/ubuntu.py could be tricked into exposing private data via a constructed crash file. This issue affects: apport 2.14.1 versions prior to 2.14.1-0ubuntu3.29+esm8; 2.20.1 versions prior to 2.20.1-0ubuntu2.30+esm2; 2.20.9 versions prior to 2.20.9-0ubuntu7.26; 2.20.11 versions prior to 2.20.11-0ubuntu27.20; 2.20.11 versions prior to 2.20.11-0ubuntu65.3;
Severity ?
6.5 (Medium)
CWE
- CWE-538 - File and Directory Information Exposure
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
Credits
Maik Münch (maik@secfault-security.com)(@fktio)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:01:08.330Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3709"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ubuntu.com/security/notices/USN-5077-1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ubuntu.com/security/notices/USN-5077-2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1934308"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "apport",
"vendor": "Canonical",
"versions": [
{
"lessThan": "2.14.1-0ubuntu3.29+esm8",
"status": "affected",
"version": "2.14.1",
"versionType": "custom"
},
{
"lessThan": "2.20.1-0ubuntu2.30+esm2",
"status": "affected",
"version": "2.20.1",
"versionType": "custom"
},
{
"lessThan": "2.20.9-0ubuntu7.26",
"status": "affected",
"version": "2.20.9",
"versionType": "custom"
},
{
"changes": [
{
"at": "2.20.11-0ubuntu65.3",
"status": "unaffected"
}
],
"lessThan": "2.20.11-0ubuntu27.20",
"status": "affected",
"version": "2.20.11",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Maik M\u00fcnch (maik@secfault-security.com)(@fktio)"
}
],
"datePublic": "2021-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Function check_attachment_for_errors() in file data/general-hooks/ubuntu.py could be tricked into exposing private data via a constructed crash file. This issue affects: apport 2.14.1 versions prior to 2.14.1-0ubuntu3.29+esm8; 2.20.1 versions prior to 2.20.1-0ubuntu2.30+esm2; 2.20.9 versions prior to 2.20.9-0ubuntu7.26; 2.20.11 versions prior to 2.20.11-0ubuntu27.20; 2.20.11 versions prior to 2.20.11-0ubuntu65.3;"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-538",
"description": "CWE-538 File and Directory Information Exposure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-01T02:35:21",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3709"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ubuntu.com/security/notices/USN-5077-1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ubuntu.com/security/notices/USN-5077-2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1934308"
}
],
"source": {
"advisory": "https://ubuntu.com/security/notices/USN-5077-1",
"defect": [
"https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1934308"
],
"discovery": "EXTERNAL"
},
"title": "Apport file permission bypass through emacs byte compilation errors",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"DATE_PUBLIC": "2021-09-14T00:00:00.000Z",
"ID": "CVE-2021-3709",
"STATE": "PUBLIC",
"TITLE": "Apport file permission bypass through emacs byte compilation errors"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "apport",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "2.14.1",
"version_value": "2.14.1-0ubuntu3.29+esm8"
},
{
"version_affected": "\u003c",
"version_name": "2.20.1",
"version_value": "2.20.1-0ubuntu2.30+esm2"
},
{
"version_affected": "\u003c",
"version_name": "2.20.9",
"version_value": "2.20.9-0ubuntu7.26"
},
{
"version_affected": "\u003c",
"version_name": "2.20.11",
"version_value": "2.20.11-0ubuntu27.20"
},
{
"version_affected": "\u003c",
"version_name": "2.20.11",
"version_value": "2.20.11-0ubuntu65.3"
}
]
}
}
]
},
"vendor_name": "Canonical"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Maik M\u00fcnch (maik@secfault-security.com)(@fktio)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Function check_attachment_for_errors() in file data/general-hooks/ubuntu.py could be tricked into exposing private data via a constructed crash file. This issue affects: apport 2.14.1 versions prior to 2.14.1-0ubuntu3.29+esm8; 2.20.1 versions prior to 2.20.1-0ubuntu2.30+esm2; 2.20.9 versions prior to 2.20.9-0ubuntu7.26; 2.20.11 versions prior to 2.20.11-0ubuntu27.20; 2.20.11 versions prior to 2.20.11-0ubuntu65.3;"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-538 File and Directory Information Exposure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3709",
"refsource": "MISC",
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3709"
},
{
"name": "https://ubuntu.com/security/notices/USN-5077-1",
"refsource": "MISC",
"url": "https://ubuntu.com/security/notices/USN-5077-1"
},
{
"name": "https://ubuntu.com/security/notices/USN-5077-2",
"refsource": "MISC",
"url": "https://ubuntu.com/security/notices/USN-5077-2"
},
{
"name": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1934308",
"refsource": "MISC",
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1934308"
}
]
},
"source": {
"advisory": "https://ubuntu.com/security/notices/USN-5077-1",
"defect": [
"https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1934308"
],
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2021-3709",
"datePublished": "2021-10-01T02:35:21.228849Z",
"dateReserved": "2021-08-16T00:00:00",
"dateUpdated": "2024-09-16T23:31:13.094Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-32557 (GCVE-0-2021-32557)
Vulnerability from nvd – Published: 2021-06-12 03:40 – Updated: 2024-09-16 17:53
VLAI?
Title
apport process_report() arbitrary file write
Summary
It was discovered that the process_report() function in data/whoopsie-upload-all allowed arbitrary file writes via symlinks.
Severity ?
5.2 (Medium)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Canonical | apport |
Affected:
2.20.1 , < 2.20.1-0ubuntu2.30+esm1
(custom)
Affected: 2.20.9 , < 2.20.9-0ubuntu7.24 (custom) Affected: 2.20.11-0ubuntu27 , < 2.20.11-0ubuntu27.18 (custom) Affected: 2.20.11-0ubuntu50 , < 2.20.11-0ubuntu50.7 (custom) Affected: 2.20.11-0ubuntu65 , < 2.20.11-0ubuntu65.1 (custom) Affected: 2.14.1-0ubuntu3 , < 2.14.1-0ubuntu3.29+esm7 (custom) |
Credits
maik@secfault-security.com (@fktio)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:25:29.927Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "apport",
"vendor": "Canonical",
"versions": [
{
"lessThan": "2.20.1-0ubuntu2.30+esm1",
"status": "affected",
"version": "2.20.1",
"versionType": "custom"
},
{
"lessThan": "2.20.9-0ubuntu7.24",
"status": "affected",
"version": "2.20.9",
"versionType": "custom"
},
{
"lessThan": "2.20.11-0ubuntu27.18",
"status": "affected",
"version": "2.20.11-0ubuntu27",
"versionType": "custom"
},
{
"lessThan": "2.20.11-0ubuntu50.7",
"status": "affected",
"version": "2.20.11-0ubuntu50",
"versionType": "custom"
},
{
"lessThan": "2.20.11-0ubuntu65.1",
"status": "affected",
"version": "2.20.11-0ubuntu65",
"versionType": "custom"
},
{
"lessThan": "2.14.1-0ubuntu3.29+esm7",
"status": "affected",
"version": "2.14.1-0ubuntu3",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "maik@secfault-security.com (@fktio)"
}
],
"datePublic": "2021-05-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "It was discovered that the process_report() function in data/whoopsie-upload-all allowed arbitrary file writes via symlinks."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-61",
"description": "CWE-61 UNIX Symbolic Link (Symlink) Following",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-12T03:40:43",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
}
],
"source": {
"advisory": "https://ubuntu.com/security/notices/USN-4965-1",
"defect": [
"https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
],
"discovery": "EXTERNAL"
},
"title": "apport process_report() arbitrary file write",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"DATE_PUBLIC": "2021-05-25T00:00:00.000Z",
"ID": "CVE-2021-32557",
"STATE": "PUBLIC",
"TITLE": "apport process_report() arbitrary file write"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "apport",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "2.20.1",
"version_value": "2.20.1-0ubuntu2.30+esm1"
},
{
"version_affected": "\u003c",
"version_name": "2.20.9",
"version_value": "2.20.9-0ubuntu7.24"
},
{
"version_affected": "\u003c",
"version_name": "2.20.11-0ubuntu27",
"version_value": "2.20.11-0ubuntu27.18"
},
{
"version_affected": "\u003c",
"version_name": "2.20.11-0ubuntu50",
"version_value": "2.20.11-0ubuntu50.7"
},
{
"version_affected": "\u003c",
"version_name": "2.20.11-0ubuntu65",
"version_value": "2.20.11-0ubuntu65.1"
},
{
"version_affected": "\u003c",
"version_name": "2.14.1-0ubuntu3",
"version_value": "2.14.1-0ubuntu3.29+esm7"
}
]
}
}
]
},
"vendor_name": "Canonical"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "maik@secfault-security.com (@fktio)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "It was discovered that the process_report() function in data/whoopsie-upload-all allowed arbitrary file writes via symlinks."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-61 UNIX Symbolic Link (Symlink) Following"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904",
"refsource": "MISC",
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
}
]
},
"source": {
"advisory": "https://ubuntu.com/security/notices/USN-4965-1",
"defect": [
"https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
],
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2021-32557",
"datePublished": "2021-06-12T03:40:43.352244Z",
"dateReserved": "2021-05-10T00:00:00",
"dateUpdated": "2024-09-16T17:53:05.508Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-32556 (GCVE-0-2021-32556)
Vulnerability from nvd – Published: 2021-06-12 03:40 – Updated: 2024-09-16 19:51
VLAI?
Title
apport get_modified_conffiles() function command injection
Summary
It was discovered that the get_modified_conffiles() function in backends/packaging-apt-dpkg.py allowed injecting modified package names in a manner that would confuse the dpkg(1) call.
Severity ?
CWE
- CWE-78 - OS Command Injection
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Canonical | apport |
Affected:
2.20.1 , < 2.20.1-0ubuntu2.30+esm1
(custom)
Affected: 2.20.9 , < 2.20.9-0ubuntu7.24 (custom) Affected: 2.20.11-0ubuntu27 , < 2.20.11-0ubuntu27.18 (custom) Affected: 2.20.11-0ubuntu50 , < 2.20.11-0ubuntu50.7 (custom) Affected: 2.20.11-0ubuntu65 , < 2.20.11-0ubuntu65.1 (custom) Affected: 2.14.1-0ubuntu3 , < 2.14.1-0ubuntu3.29+esm7 (custom) |
Credits
maik@secfault-security.com (@fktio)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:25:29.949Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "apport",
"vendor": "Canonical",
"versions": [
{
"lessThan": "2.20.1-0ubuntu2.30+esm1",
"status": "affected",
"version": "2.20.1",
"versionType": "custom"
},
{
"lessThan": "2.20.9-0ubuntu7.24",
"status": "affected",
"version": "2.20.9",
"versionType": "custom"
},
{
"lessThan": "2.20.11-0ubuntu27.18",
"status": "affected",
"version": "2.20.11-0ubuntu27",
"versionType": "custom"
},
{
"lessThan": "2.20.11-0ubuntu50.7",
"status": "affected",
"version": "2.20.11-0ubuntu50",
"versionType": "custom"
},
{
"lessThan": "2.20.11-0ubuntu65.1",
"status": "affected",
"version": "2.20.11-0ubuntu65",
"versionType": "custom"
},
{
"lessThan": "2.14.1-0ubuntu3.29+esm7",
"status": "affected",
"version": "2.14.1-0ubuntu3",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "maik@secfault-security.com (@fktio)"
}
],
"datePublic": "2021-05-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "It was discovered that the get_modified_conffiles() function in backends/packaging-apt-dpkg.py allowed injecting modified package names in a manner that would confuse the dpkg(1) call."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78 OS Command Injection",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-12T03:40:42",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
}
],
"source": {
"advisory": "https://ubuntu.com/security/notices/USN-4965-1",
"defect": [
"https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
],
"discovery": "EXTERNAL"
},
"title": "apport get_modified_conffiles() function command injection",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"DATE_PUBLIC": "2021-05-25T00:00:00.000Z",
"ID": "CVE-2021-32556",
"STATE": "PUBLIC",
"TITLE": "apport get_modified_conffiles() function command injection"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "apport",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "2.20.1",
"version_value": "2.20.1-0ubuntu2.30+esm1"
},
{
"version_affected": "\u003c",
"version_name": "2.20.9",
"version_value": "2.20.9-0ubuntu7.24"
},
{
"version_affected": "\u003c",
"version_name": "2.20.11-0ubuntu27",
"version_value": "2.20.11-0ubuntu27.18"
},
{
"version_affected": "\u003c",
"version_name": "2.20.11-0ubuntu50",
"version_value": "2.20.11-0ubuntu50.7"
},
{
"version_affected": "\u003c",
"version_name": "2.20.11-0ubuntu65",
"version_value": "2.20.11-0ubuntu65.1"
},
{
"version_affected": "\u003c",
"version_name": "2.14.1-0ubuntu3",
"version_value": "2.14.1-0ubuntu3.29+esm7"
}
]
}
}
]
},
"vendor_name": "Canonical"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "maik@secfault-security.com (@fktio)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "It was discovered that the get_modified_conffiles() function in backends/packaging-apt-dpkg.py allowed injecting modified package names in a manner that would confuse the dpkg(1) call."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 3.8,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-78 OS Command Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904",
"refsource": "MISC",
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
}
]
},
"source": {
"advisory": "https://ubuntu.com/security/notices/USN-4965-1",
"defect": [
"https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
],
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2021-32556",
"datePublished": "2021-06-12T03:40:42.604686Z",
"dateReserved": "2021-05-10T00:00:00",
"dateUpdated": "2024-09-16T19:51:18.523Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-32555 (GCVE-0-2021-32555)
Vulnerability from nvd – Published: 2021-06-12 03:40 – Updated: 2024-09-16 20:47
VLAI?
Title
apport read_file() function could follow maliciously constructed symbolic links
Summary
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg-hwe-18.04 package apport hooks, it could expose private data to other local users.
Severity ?
7.3 (High)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Canonical | apport |
Affected:
2.20.1 , < 2.20.1-0ubuntu2.30+esm1
(custom)
Affected: 2.20.9 , < 2.20.9-0ubuntu7.24 (custom) Affected: 2.20.11-0ubuntu27 , < 2.20.11-0ubuntu27.18 (custom) Affected: 2.20.11-0ubuntu50 , < 2.20.11-0ubuntu50.7 (custom) Affected: 2.20.11-0ubuntu65 , < 2.20.11-0ubuntu65.1 (custom) Affected: 2.14.1-0ubuntu3 , < 2.14.1-0ubuntu3.29+esm7 (custom) |
Credits
maik@secfault-security.com (@fktio)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:25:30.308Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "apport",
"vendor": "Canonical",
"versions": [
{
"lessThan": "2.20.1-0ubuntu2.30+esm1",
"status": "affected",
"version": "2.20.1",
"versionType": "custom"
},
{
"lessThan": "2.20.9-0ubuntu7.24",
"status": "affected",
"version": "2.20.9",
"versionType": "custom"
},
{
"lessThan": "2.20.11-0ubuntu27.18",
"status": "affected",
"version": "2.20.11-0ubuntu27",
"versionType": "custom"
},
{
"lessThan": "2.20.11-0ubuntu50.7",
"status": "affected",
"version": "2.20.11-0ubuntu50",
"versionType": "custom"
},
{
"lessThan": "2.20.11-0ubuntu65.1",
"status": "affected",
"version": "2.20.11-0ubuntu65",
"versionType": "custom"
},
{
"lessThan": "2.14.1-0ubuntu3.29+esm7",
"status": "affected",
"version": "2.14.1-0ubuntu3",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "maik@secfault-security.com (@fktio)"
}
],
"datePublic": "2021-05-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg-hwe-18.04 package apport hooks, it could expose private data to other local users."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-61",
"description": "CWE-61 UNIX Symbolic Link (Symlink) Following",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-12T03:40:41",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
}
],
"source": {
"advisory": "https://ubuntu.com/security/notices/USN-4965-1",
"defect": [
"https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
],
"discovery": "EXTERNAL"
},
"title": "apport read_file() function could follow maliciously constructed symbolic links",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"DATE_PUBLIC": "2021-05-25T00:00:00.000Z",
"ID": "CVE-2021-32555",
"STATE": "PUBLIC",
"TITLE": "apport read_file() function could follow maliciously constructed symbolic links"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "apport",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "2.20.1",
"version_value": "2.20.1-0ubuntu2.30+esm1"
},
{
"version_affected": "\u003c",
"version_name": "2.20.9",
"version_value": "2.20.9-0ubuntu7.24"
},
{
"version_affected": "\u003c",
"version_name": "2.20.11-0ubuntu27",
"version_value": "2.20.11-0ubuntu27.18"
},
{
"version_affected": "\u003c",
"version_name": "2.20.11-0ubuntu50",
"version_value": "2.20.11-0ubuntu50.7"
},
{
"version_affected": "\u003c",
"version_name": "2.20.11-0ubuntu65",
"version_value": "2.20.11-0ubuntu65.1"
},
{
"version_affected": "\u003c",
"version_name": "2.14.1-0ubuntu3",
"version_value": "2.14.1-0ubuntu3.29+esm7"
}
]
}
}
]
},
"vendor_name": "Canonical"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "maik@secfault-security.com (@fktio)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg-hwe-18.04 package apport hooks, it could expose private data to other local users."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-61 UNIX Symbolic Link (Symlink) Following"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904",
"refsource": "MISC",
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
}
]
},
"source": {
"advisory": "https://ubuntu.com/security/notices/USN-4965-1",
"defect": [
"https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
],
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2021-32555",
"datePublished": "2021-06-12T03:40:41.851905Z",
"dateReserved": "2021-05-10T00:00:00",
"dateUpdated": "2024-09-16T20:47:23.455Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-32554 (GCVE-0-2021-32554)
Vulnerability from nvd – Published: 2021-06-12 03:40 – Updated: 2024-09-16 23:20
VLAI?
Title
apport read_file() function could follow maliciously constructed symbolic links
Summary
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg package apport hooks, it could expose private data to other local users.
Severity ?
7.3 (High)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Canonical | apport |
Affected:
2.20.1 , < 2.20.1-0ubuntu2.30+esm1
(custom)
Affected: 2.20.9 , < 2.20.9-0ubuntu7.24 (custom) Affected: 2.20.11-0ubuntu27 , < 2.20.11-0ubuntu27.18 (custom) Affected: 2.20.11-0ubuntu50 , < 2.20.11-0ubuntu50.7 (custom) Affected: 2.20.11-0ubuntu65 , < 2.20.11-0ubuntu65.1 (custom) Affected: 2.14.1-0ubuntu3 , < 2.14.1-0ubuntu3.29+esm7 (custom) |
Credits
maik@secfault-security.com (@fktio)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:25:30.307Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "apport",
"vendor": "Canonical",
"versions": [
{
"lessThan": "2.20.1-0ubuntu2.30+esm1",
"status": "affected",
"version": "2.20.1",
"versionType": "custom"
},
{
"lessThan": "2.20.9-0ubuntu7.24",
"status": "affected",
"version": "2.20.9",
"versionType": "custom"
},
{
"lessThan": "2.20.11-0ubuntu27.18",
"status": "affected",
"version": "2.20.11-0ubuntu27",
"versionType": "custom"
},
{
"lessThan": "2.20.11-0ubuntu50.7",
"status": "affected",
"version": "2.20.11-0ubuntu50",
"versionType": "custom"
},
{
"lessThan": "2.20.11-0ubuntu65.1",
"status": "affected",
"version": "2.20.11-0ubuntu65",
"versionType": "custom"
},
{
"lessThan": "2.14.1-0ubuntu3.29+esm7",
"status": "affected",
"version": "2.14.1-0ubuntu3",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "maik@secfault-security.com (@fktio)"
}
],
"datePublic": "2021-05-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg package apport hooks, it could expose private data to other local users."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-61",
"description": "CWE-61 UNIX Symbolic Link (Symlink) Following",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-12T03:40:41",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
}
],
"source": {
"advisory": "https://ubuntu.com/security/notices/USN-4965-1",
"defect": [
"https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
],
"discovery": "EXTERNAL"
},
"title": "apport read_file() function could follow maliciously constructed symbolic links",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"DATE_PUBLIC": "2021-05-25T00:00:00.000Z",
"ID": "CVE-2021-32554",
"STATE": "PUBLIC",
"TITLE": "apport read_file() function could follow maliciously constructed symbolic links"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "apport",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "2.20.1",
"version_value": "2.20.1-0ubuntu2.30+esm1"
},
{
"version_affected": "\u003c",
"version_name": "2.20.9",
"version_value": "2.20.9-0ubuntu7.24"
},
{
"version_affected": "\u003c",
"version_name": "2.20.11-0ubuntu27",
"version_value": "2.20.11-0ubuntu27.18"
},
{
"version_affected": "\u003c",
"version_name": "2.20.11-0ubuntu50",
"version_value": "2.20.11-0ubuntu50.7"
},
{
"version_affected": "\u003c",
"version_name": "2.20.11-0ubuntu65",
"version_value": "2.20.11-0ubuntu65.1"
},
{
"version_affected": "\u003c",
"version_name": "2.14.1-0ubuntu3",
"version_value": "2.14.1-0ubuntu3.29+esm7"
}
]
}
}
]
},
"vendor_name": "Canonical"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "maik@secfault-security.com (@fktio)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg package apport hooks, it could expose private data to other local users."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-61 UNIX Symbolic Link (Symlink) Following"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904",
"refsource": "MISC",
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
}
]
},
"source": {
"advisory": "https://ubuntu.com/security/notices/USN-4965-1",
"defect": [
"https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
],
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2021-32554",
"datePublished": "2021-06-12T03:40:41.158908Z",
"dateReserved": "2021-05-10T00:00:00",
"dateUpdated": "2024-09-16T23:20:32.516Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-32553 (GCVE-0-2021-32553)
Vulnerability from nvd – Published: 2021-06-12 03:40 – Updated: 2024-09-16 22:51
VLAI?
Title
apport read_file() function could follow maliciously constructed symbolic links
Summary
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-17 package apport hooks, it could expose private data to other local users.
Severity ?
7.3 (High)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Canonical | apport |
Affected:
2.20.1 , < 2.20.1-0ubuntu2.30+esm1
(custom)
Affected: 2.20.9 , < 2.20.9-0ubuntu7.24 (custom) Affected: 2.20.11-0ubuntu27 , < 2.20.11-0ubuntu27.18 (custom) Affected: 2.20.11-0ubuntu50 , < 2.20.11-0ubuntu50.7 (custom) Affected: 2.20.11-0ubuntu65 , < 2.20.11-0ubuntu65.1 (custom) Affected: 2.14.1-0ubuntu3 , < 2.14.1-0ubuntu3.29+esm7 (custom) |
Credits
maik@secfault-security.com (@fktio)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:25:30.511Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "apport",
"vendor": "Canonical",
"versions": [
{
"lessThan": "2.20.1-0ubuntu2.30+esm1",
"status": "affected",
"version": "2.20.1",
"versionType": "custom"
},
{
"lessThan": "2.20.9-0ubuntu7.24",
"status": "affected",
"version": "2.20.9",
"versionType": "custom"
},
{
"lessThan": "2.20.11-0ubuntu27.18",
"status": "affected",
"version": "2.20.11-0ubuntu27",
"versionType": "custom"
},
{
"lessThan": "2.20.11-0ubuntu50.7",
"status": "affected",
"version": "2.20.11-0ubuntu50",
"versionType": "custom"
},
{
"lessThan": "2.20.11-0ubuntu65.1",
"status": "affected",
"version": "2.20.11-0ubuntu65",
"versionType": "custom"
},
{
"lessThan": "2.14.1-0ubuntu3.29+esm7",
"status": "affected",
"version": "2.14.1-0ubuntu3",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "maik@secfault-security.com (@fktio)"
}
],
"datePublic": "2021-05-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-17 package apport hooks, it could expose private data to other local users."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-61",
"description": "CWE-61 UNIX Symbolic Link (Symlink) Following",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-12T03:40:40",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
}
],
"source": {
"advisory": "https://ubuntu.com/security/notices/USN-4965-1",
"defect": [
"https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
],
"discovery": "EXTERNAL"
},
"title": "apport read_file() function could follow maliciously constructed symbolic links",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"DATE_PUBLIC": "2021-05-25T00:00:00.000Z",
"ID": "CVE-2021-32553",
"STATE": "PUBLIC",
"TITLE": "apport read_file() function could follow maliciously constructed symbolic links"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "apport",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "2.20.1",
"version_value": "2.20.1-0ubuntu2.30+esm1"
},
{
"version_affected": "\u003c",
"version_name": "2.20.9",
"version_value": "2.20.9-0ubuntu7.24"
},
{
"version_affected": "\u003c",
"version_name": "2.20.11-0ubuntu27",
"version_value": "2.20.11-0ubuntu27.18"
},
{
"version_affected": "\u003c",
"version_name": "2.20.11-0ubuntu50",
"version_value": "2.20.11-0ubuntu50.7"
},
{
"version_affected": "\u003c",
"version_name": "2.20.11-0ubuntu65",
"version_value": "2.20.11-0ubuntu65.1"
},
{
"version_affected": "\u003c",
"version_name": "2.14.1-0ubuntu3",
"version_value": "2.14.1-0ubuntu3.29+esm7"
}
]
}
}
]
},
"vendor_name": "Canonical"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "maik@secfault-security.com (@fktio)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-17 package apport hooks, it could expose private data to other local users."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-61 UNIX Symbolic Link (Symlink) Following"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904",
"refsource": "MISC",
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
}
]
},
"source": {
"advisory": "https://ubuntu.com/security/notices/USN-4965-1",
"defect": [
"https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
],
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2021-32553",
"datePublished": "2021-06-12T03:40:40.514625Z",
"dateReserved": "2021-05-10T00:00:00",
"dateUpdated": "2024-09-16T22:51:04.819Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-32552 (GCVE-0-2021-32552)
Vulnerability from nvd – Published: 2021-06-12 03:40 – Updated: 2024-09-17 02:37
VLAI?
Title
apport read_file() function could follow maliciously constructed symbolic links
Summary
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-16 package apport hooks, it could expose private data to other local users.
Severity ?
7.3 (High)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Canonical | apport |
Affected:
2.20.1 , < 2.20.1-0ubuntu2.30+esm1
(custom)
Affected: 2.20.9 , < 2.20.9-0ubuntu7.24 (custom) Affected: 2.20.11-0ubuntu27 , < 2.20.11-0ubuntu27.18 (custom) Affected: 2.20.11-0ubuntu50 , < 2.20.11-0ubuntu50.7 (custom) Affected: 2.20.11-0ubuntu65 , < 2.20.11-0ubuntu65.1 (custom) Affected: 2.14.1-0ubuntu3 , < 2.14.1-0ubuntu3.29+esm7 (custom) |
Credits
maik@secfault-security.com (@fktio)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:25:30.451Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "apport",
"vendor": "Canonical",
"versions": [
{
"lessThan": "2.20.1-0ubuntu2.30+esm1",
"status": "affected",
"version": "2.20.1",
"versionType": "custom"
},
{
"lessThan": "2.20.9-0ubuntu7.24",
"status": "affected",
"version": "2.20.9",
"versionType": "custom"
},
{
"lessThan": "2.20.11-0ubuntu27.18",
"status": "affected",
"version": "2.20.11-0ubuntu27",
"versionType": "custom"
},
{
"lessThan": "2.20.11-0ubuntu50.7",
"status": "affected",
"version": "2.20.11-0ubuntu50",
"versionType": "custom"
},
{
"lessThan": "2.20.11-0ubuntu65.1",
"status": "affected",
"version": "2.20.11-0ubuntu65",
"versionType": "custom"
},
{
"lessThan": "2.14.1-0ubuntu3.29+esm7",
"status": "affected",
"version": "2.14.1-0ubuntu3",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "maik@secfault-security.com (@fktio)"
}
],
"datePublic": "2021-05-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-16 package apport hooks, it could expose private data to other local users."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-61",
"description": "CWE-61 UNIX Symbolic Link (Symlink) Following",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-12T03:40:39",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
}
],
"source": {
"advisory": "https://ubuntu.com/security/notices/USN-4965-1",
"defect": [
"https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
],
"discovery": "EXTERNAL"
},
"title": "apport read_file() function could follow maliciously constructed symbolic links",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"DATE_PUBLIC": "2021-05-25T00:00:00.000Z",
"ID": "CVE-2021-32552",
"STATE": "PUBLIC",
"TITLE": "apport read_file() function could follow maliciously constructed symbolic links"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "apport",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "2.20.1",
"version_value": "2.20.1-0ubuntu2.30+esm1"
},
{
"version_affected": "\u003c",
"version_name": "2.20.9",
"version_value": "2.20.9-0ubuntu7.24"
},
{
"version_affected": "\u003c",
"version_name": "2.20.11-0ubuntu27",
"version_value": "2.20.11-0ubuntu27.18"
},
{
"version_affected": "\u003c",
"version_name": "2.20.11-0ubuntu50",
"version_value": "2.20.11-0ubuntu50.7"
},
{
"version_affected": "\u003c",
"version_name": "2.20.11-0ubuntu65",
"version_value": "2.20.11-0ubuntu65.1"
},
{
"version_affected": "\u003c",
"version_name": "2.14.1-0ubuntu3",
"version_value": "2.14.1-0ubuntu3.29+esm7"
}
]
}
}
]
},
"vendor_name": "Canonical"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "maik@secfault-security.com (@fktio)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-16 package apport hooks, it could expose private data to other local users."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-61 UNIX Symbolic Link (Symlink) Following"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904",
"refsource": "MISC",
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
}
]
},
"source": {
"advisory": "https://ubuntu.com/security/notices/USN-4965-1",
"defect": [
"https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
],
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2021-32552",
"datePublished": "2021-06-12T03:40:39.859698Z",
"dateReserved": "2021-05-10T00:00:00",
"dateUpdated": "2024-09-17T02:37:33.692Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-32551 (GCVE-0-2021-32551)
Vulnerability from nvd – Published: 2021-06-12 03:40 – Updated: 2024-09-16 20:21
VLAI?
Title
apport read_file() function could follow maliciously constructed symbolic links
Summary
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-15 package apport hooks, it could expose private data to other local users.
Severity ?
7.3 (High)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Canonical | apport |
Affected:
2.20.1 , < 2.20.1-0ubuntu2.30+esm1
(custom)
Affected: 2.20.9 , < 2.20.9-0ubuntu7.24 (custom) Affected: 2.20.11-0ubuntu27 , < 2.20.11-0ubuntu27.18 (custom) Affected: 2.20.11-0ubuntu50 , < 2.20.11-0ubuntu50.7 (custom) Affected: 2.20.11-0ubuntu65 , < 2.20.11-0ubuntu65.1 (custom) Affected: 2.14.1-0ubuntu3 , < 2.14.1-0ubuntu3.29+esm7 (custom) |
Credits
maik@secfault-security.com (@fktio)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:25:30.582Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "apport",
"vendor": "Canonical",
"versions": [
{
"lessThan": "2.20.1-0ubuntu2.30+esm1",
"status": "affected",
"version": "2.20.1",
"versionType": "custom"
},
{
"lessThan": "2.20.9-0ubuntu7.24",
"status": "affected",
"version": "2.20.9",
"versionType": "custom"
},
{
"lessThan": "2.20.11-0ubuntu27.18",
"status": "affected",
"version": "2.20.11-0ubuntu27",
"versionType": "custom"
},
{
"lessThan": "2.20.11-0ubuntu50.7",
"status": "affected",
"version": "2.20.11-0ubuntu50",
"versionType": "custom"
},
{
"lessThan": "2.20.11-0ubuntu65.1",
"status": "affected",
"version": "2.20.11-0ubuntu65",
"versionType": "custom"
},
{
"lessThan": "2.14.1-0ubuntu3.29+esm7",
"status": "affected",
"version": "2.14.1-0ubuntu3",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "maik@secfault-security.com (@fktio)"
}
],
"datePublic": "2021-05-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-15 package apport hooks, it could expose private data to other local users."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-61",
"description": "CWE-61 UNIX Symbolic Link (Symlink) Following",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-12T03:40:39",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
}
],
"source": {
"advisory": "https://ubuntu.com/security/notices/USN-4965-1",
"defect": [
"https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
],
"discovery": "EXTERNAL"
},
"title": "apport read_file() function could follow maliciously constructed symbolic links",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"DATE_PUBLIC": "2021-05-25T00:00:00.000Z",
"ID": "CVE-2021-32551",
"STATE": "PUBLIC",
"TITLE": "apport read_file() function could follow maliciously constructed symbolic links"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "apport",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "2.20.1",
"version_value": "2.20.1-0ubuntu2.30+esm1"
},
{
"version_affected": "\u003c",
"version_name": "2.20.9",
"version_value": "2.20.9-0ubuntu7.24"
},
{
"version_affected": "\u003c",
"version_name": "2.20.11-0ubuntu27",
"version_value": "2.20.11-0ubuntu27.18"
},
{
"version_affected": "\u003c",
"version_name": "2.20.11-0ubuntu50",
"version_value": "2.20.11-0ubuntu50.7"
},
{
"version_affected": "\u003c",
"version_name": "2.20.11-0ubuntu65",
"version_value": "2.20.11-0ubuntu65.1"
},
{
"version_affected": "\u003c",
"version_name": "2.14.1-0ubuntu3",
"version_value": "2.14.1-0ubuntu3.29+esm7"
}
]
}
}
]
},
"vendor_name": "Canonical"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "maik@secfault-security.com (@fktio)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-15 package apport hooks, it could expose private data to other local users."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-61 UNIX Symbolic Link (Symlink) Following"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904",
"refsource": "MISC",
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
}
]
},
"source": {
"advisory": "https://ubuntu.com/security/notices/USN-4965-1",
"defect": [
"https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
],
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2021-32551",
"datePublished": "2021-06-12T03:40:39.210630Z",
"dateReserved": "2021-05-10T00:00:00",
"dateUpdated": "2024-09-16T20:21:31.720Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-32550 (GCVE-0-2021-32550)
Vulnerability from nvd – Published: 2021-06-12 03:40 – Updated: 2024-09-16 23:22
VLAI?
Title
apport read_file() function could follow maliciously constructed symbolic links
Summary
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-14 package apport hooks, it could expose private data to other local users.
Severity ?
7.3 (High)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Canonical | apport |
Affected:
2.20.1 , < 2.20.1-0ubuntu2.30+esm1
(custom)
Affected: 2.20.9 , < 2.20.9-0ubuntu7.24 (custom) Affected: 2.20.11-0ubuntu27 , < 2.20.11-0ubuntu27.18 (custom) Affected: 2.20.11-0ubuntu50 , < 2.20.11-0ubuntu50.7 (custom) Affected: 2.20.11-0ubuntu65 , < 2.20.11-0ubuntu65.1 (custom) Affected: 2.14.1-0ubuntu3 , < 2.14.1-0ubuntu3.29+esm7 (custom) |
Credits
maik@secfault-security.com (@fktio)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:25:30.361Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "apport",
"vendor": "Canonical",
"versions": [
{
"lessThan": "2.20.1-0ubuntu2.30+esm1",
"status": "affected",
"version": "2.20.1",
"versionType": "custom"
},
{
"lessThan": "2.20.9-0ubuntu7.24",
"status": "affected",
"version": "2.20.9",
"versionType": "custom"
},
{
"lessThan": "2.20.11-0ubuntu27.18",
"status": "affected",
"version": "2.20.11-0ubuntu27",
"versionType": "custom"
},
{
"lessThan": "2.20.11-0ubuntu50.7",
"status": "affected",
"version": "2.20.11-0ubuntu50",
"versionType": "custom"
},
{
"lessThan": "2.20.11-0ubuntu65.1",
"status": "affected",
"version": "2.20.11-0ubuntu65",
"versionType": "custom"
},
{
"lessThan": "2.14.1-0ubuntu3.29+esm7",
"status": "affected",
"version": "2.14.1-0ubuntu3",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "maik@secfault-security.com (@fktio)"
}
],
"datePublic": "2021-05-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-14 package apport hooks, it could expose private data to other local users."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-61",
"description": "CWE-61 UNIX Symbolic Link (Symlink) Following",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-12T03:40:38",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
}
],
"source": {
"advisory": "https://ubuntu.com/security/notices/USN-4965-1",
"defect": [
"https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
],
"discovery": "EXTERNAL"
},
"title": "apport read_file() function could follow maliciously constructed symbolic links",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"DATE_PUBLIC": "2021-05-25T00:00:00.000Z",
"ID": "CVE-2021-32550",
"STATE": "PUBLIC",
"TITLE": "apport read_file() function could follow maliciously constructed symbolic links"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "apport",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "2.20.1",
"version_value": "2.20.1-0ubuntu2.30+esm1"
},
{
"version_affected": "\u003c",
"version_name": "2.20.9",
"version_value": "2.20.9-0ubuntu7.24"
},
{
"version_affected": "\u003c",
"version_name": "2.20.11-0ubuntu27",
"version_value": "2.20.11-0ubuntu27.18"
},
{
"version_affected": "\u003c",
"version_name": "2.20.11-0ubuntu50",
"version_value": "2.20.11-0ubuntu50.7"
},
{
"version_affected": "\u003c",
"version_name": "2.20.11-0ubuntu65",
"version_value": "2.20.11-0ubuntu65.1"
},
{
"version_affected": "\u003c",
"version_name": "2.14.1-0ubuntu3",
"version_value": "2.14.1-0ubuntu3.29+esm7"
}
]
}
}
]
},
"vendor_name": "Canonical"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "maik@secfault-security.com (@fktio)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-14 package apport hooks, it could expose private data to other local users."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-61 UNIX Symbolic Link (Symlink) Following"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904",
"refsource": "MISC",
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
}
]
},
"source": {
"advisory": "https://ubuntu.com/security/notices/USN-4965-1",
"defect": [
"https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
],
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2021-32550",
"datePublished": "2021-06-12T03:40:38.559899Z",
"dateReserved": "2021-05-10T00:00:00",
"dateUpdated": "2024-09-16T23:22:01.152Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-32549 (GCVE-0-2021-32549)
Vulnerability from nvd – Published: 2021-06-12 03:40 – Updated: 2024-09-16 23:11
VLAI?
Title
apport read_file() function could follow maliciously constructed symbolic links
Summary
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-13 package apport hooks, it could expose private data to other local users.
Severity ?
7.3 (High)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Canonical | apport |
Affected:
2.20.1 , < 2.20.1-0ubuntu2.30+esm1
(custom)
Affected: 2.20.9 , < 2.20.9-0ubuntu7.24 (custom) Affected: 2.20.11-0ubuntu27 , < 2.20.11-0ubuntu27.18 (custom) Affected: 2.20.11-0ubuntu50 , < 2.20.11-0ubuntu50.7 (custom) Affected: 2.20.11-0ubuntu65 , < 2.20.11-0ubuntu65.1 (custom) Affected: 2.14.1-0ubuntu3 , < 2.14.1-0ubuntu3.29+esm7 (custom) |
Credits
maik@secfault-security.com (@fktio)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:25:30.532Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "apport",
"vendor": "Canonical",
"versions": [
{
"lessThan": "2.20.1-0ubuntu2.30+esm1",
"status": "affected",
"version": "2.20.1",
"versionType": "custom"
},
{
"lessThan": "2.20.9-0ubuntu7.24",
"status": "affected",
"version": "2.20.9",
"versionType": "custom"
},
{
"lessThan": "2.20.11-0ubuntu27.18",
"status": "affected",
"version": "2.20.11-0ubuntu27",
"versionType": "custom"
},
{
"lessThan": "2.20.11-0ubuntu50.7",
"status": "affected",
"version": "2.20.11-0ubuntu50",
"versionType": "custom"
},
{
"lessThan": "2.20.11-0ubuntu65.1",
"status": "affected",
"version": "2.20.11-0ubuntu65",
"versionType": "custom"
},
{
"lessThan": "2.14.1-0ubuntu3.29+esm7",
"status": "affected",
"version": "2.14.1-0ubuntu3",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "maik@secfault-security.com (@fktio)"
}
],
"datePublic": "2021-05-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-13 package apport hooks, it could expose private data to other local users."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-61",
"description": "CWE-61 UNIX Symbolic Link (Symlink) Following",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-12T03:40:37",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
}
],
"source": {
"advisory": "https://ubuntu.com/security/notices/USN-4965-1",
"defect": [
"https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
],
"discovery": "EXTERNAL"
},
"title": "apport read_file() function could follow maliciously constructed symbolic links",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"DATE_PUBLIC": "2021-05-25T00:00:00.000Z",
"ID": "CVE-2021-32549",
"STATE": "PUBLIC",
"TITLE": "apport read_file() function could follow maliciously constructed symbolic links"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "apport",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "2.20.1",
"version_value": "2.20.1-0ubuntu2.30+esm1"
},
{
"version_affected": "\u003c",
"version_name": "2.20.9",
"version_value": "2.20.9-0ubuntu7.24"
},
{
"version_affected": "\u003c",
"version_name": "2.20.11-0ubuntu27",
"version_value": "2.20.11-0ubuntu27.18"
},
{
"version_affected": "\u003c",
"version_name": "2.20.11-0ubuntu50",
"version_value": "2.20.11-0ubuntu50.7"
},
{
"version_affected": "\u003c",
"version_name": "2.20.11-0ubuntu65",
"version_value": "2.20.11-0ubuntu65.1"
},
{
"version_affected": "\u003c",
"version_name": "2.14.1-0ubuntu3",
"version_value": "2.14.1-0ubuntu3.29+esm7"
}
]
}
}
]
},
"vendor_name": "Canonical"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "maik@secfault-security.com (@fktio)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-13 package apport hooks, it could expose private data to other local users."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-61 UNIX Symbolic Link (Symlink) Following"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904",
"refsource": "MISC",
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
}
]
},
"source": {
"advisory": "https://ubuntu.com/security/notices/USN-4965-1",
"defect": [
"https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
],
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2021-32549",
"datePublished": "2021-06-12T03:40:37.848951Z",
"dateReserved": "2021-05-10T00:00:00",
"dateUpdated": "2024-09-16T23:11:32.731Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-32548 (GCVE-0-2021-32548)
Vulnerability from nvd – Published: 2021-06-12 03:40 – Updated: 2024-09-16 18:29
VLAI?
Title
apport read_file() function could follow maliciously constructed symbolic links
Summary
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-8 package apport hooks, it could expose private data to other local users.
Severity ?
7.3 (High)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Canonical | apport |
Affected:
2.20.1 , < 2.20.1-0ubuntu2.30+esm1
(custom)
Affected: 2.20.9 , < 2.20.9-0ubuntu7.24 (custom) Affected: 2.20.11-0ubuntu27 , < 2.20.11-0ubuntu27.18 (custom) Affected: 2.20.11-0ubuntu50 , < 2.20.11-0ubuntu50.7 (custom) Affected: 2.20.11-0ubuntu65 , < 2.20.11-0ubuntu65.1 (custom) Affected: 2.14.1-0ubuntu3 , < 2.14.1-0ubuntu3.29+esm7 (custom) |
Credits
maik@secfault-security.com (@fktio)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:25:30.948Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "apport",
"vendor": "Canonical",
"versions": [
{
"lessThan": "2.20.1-0ubuntu2.30+esm1",
"status": "affected",
"version": "2.20.1",
"versionType": "custom"
},
{
"lessThan": "2.20.9-0ubuntu7.24",
"status": "affected",
"version": "2.20.9",
"versionType": "custom"
},
{
"lessThan": "2.20.11-0ubuntu27.18",
"status": "affected",
"version": "2.20.11-0ubuntu27",
"versionType": "custom"
},
{
"lessThan": "2.20.11-0ubuntu50.7",
"status": "affected",
"version": "2.20.11-0ubuntu50",
"versionType": "custom"
},
{
"lessThan": "2.20.11-0ubuntu65.1",
"status": "affected",
"version": "2.20.11-0ubuntu65",
"versionType": "custom"
},
{
"lessThan": "2.14.1-0ubuntu3.29+esm7",
"status": "affected",
"version": "2.14.1-0ubuntu3",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "maik@secfault-security.com (@fktio)"
}
],
"datePublic": "2021-05-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-8 package apport hooks, it could expose private data to other local users."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-61",
"description": "CWE-61 UNIX Symbolic Link (Symlink) Following",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-12T03:40:37",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
}
],
"source": {
"advisory": "https://ubuntu.com/security/notices/USN-4965-1",
"defect": [
"https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
],
"discovery": "EXTERNAL"
},
"title": "apport read_file() function could follow maliciously constructed symbolic links",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"DATE_PUBLIC": "2021-05-25T00:00:00.000Z",
"ID": "CVE-2021-32548",
"STATE": "PUBLIC",
"TITLE": "apport read_file() function could follow maliciously constructed symbolic links"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "apport",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "2.20.1",
"version_value": "2.20.1-0ubuntu2.30+esm1"
},
{
"version_affected": "\u003c",
"version_name": "2.20.9",
"version_value": "2.20.9-0ubuntu7.24"
},
{
"version_affected": "\u003c",
"version_name": "2.20.11-0ubuntu27",
"version_value": "2.20.11-0ubuntu27.18"
},
{
"version_affected": "\u003c",
"version_name": "2.20.11-0ubuntu50",
"version_value": "2.20.11-0ubuntu50.7"
},
{
"version_affected": "\u003c",
"version_name": "2.20.11-0ubuntu65",
"version_value": "2.20.11-0ubuntu65.1"
},
{
"version_affected": "\u003c",
"version_name": "2.14.1-0ubuntu3",
"version_value": "2.14.1-0ubuntu3.29+esm7"
}
]
}
}
]
},
"vendor_name": "Canonical"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "maik@secfault-security.com (@fktio)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-8 package apport hooks, it could expose private data to other local users."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-61 UNIX Symbolic Link (Symlink) Following"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904",
"refsource": "MISC",
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
}
]
},
"source": {
"advisory": "https://ubuntu.com/security/notices/USN-4965-1",
"defect": [
"https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
],
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2021-32548",
"datePublished": "2021-06-12T03:40:37.135607Z",
"dateReserved": "2021-05-10T00:00:00",
"dateUpdated": "2024-09-16T18:29:09.540Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-32547 (GCVE-0-2021-32547)
Vulnerability from nvd – Published: 2021-06-12 03:40 – Updated: 2024-09-17 03:18
VLAI?
Title
apport read_file() function could follow maliciously constructed symbolic links
Summary
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-lts package apport hooks, it could expose private data to other local users.
Severity ?
7.3 (High)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Canonical | apport |
Affected:
2.20.1 , < 2.20.1-0ubuntu2.30+esm1
(custom)
Affected: 2.20.9 , < 2.20.9-0ubuntu7.24 (custom) Affected: 2.20.11-0ubuntu27 , < 2.20.11-0ubuntu27.18 (custom) Affected: 2.20.11-0ubuntu50 , < 2.20.11-0ubuntu50.7 (custom) Affected: 2.20.11-0ubuntu65 , < 2.20.11-0ubuntu65.1 (custom) Affected: 2.14.1-0ubuntu3 , < 2.14.1-0ubuntu3.29+esm7 (custom) |
Credits
maik@secfault-security.com (@fktio)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:25:30.114Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "apport",
"vendor": "Canonical",
"versions": [
{
"lessThan": "2.20.1-0ubuntu2.30+esm1",
"status": "affected",
"version": "2.20.1",
"versionType": "custom"
},
{
"lessThan": "2.20.9-0ubuntu7.24",
"status": "affected",
"version": "2.20.9",
"versionType": "custom"
},
{
"lessThan": "2.20.11-0ubuntu27.18",
"status": "affected",
"version": "2.20.11-0ubuntu27",
"versionType": "custom"
},
{
"lessThan": "2.20.11-0ubuntu50.7",
"status": "affected",
"version": "2.20.11-0ubuntu50",
"versionType": "custom"
},
{
"lessThan": "2.20.11-0ubuntu65.1",
"status": "affected",
"version": "2.20.11-0ubuntu65",
"versionType": "custom"
},
{
"lessThan": "2.14.1-0ubuntu3.29+esm7",
"status": "affected",
"version": "2.14.1-0ubuntu3",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "maik@secfault-security.com (@fktio)"
}
],
"datePublic": "2021-05-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-lts package apport hooks, it could expose private data to other local users."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-61",
"description": "CWE-61 UNIX Symbolic Link (Symlink) Following",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-12T03:40:36",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
}
],
"source": {
"advisory": "https://ubuntu.com/security/notices/USN-4965-1",
"defect": [
"https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
],
"discovery": "EXTERNAL"
},
"title": "apport read_file() function could follow maliciously constructed symbolic links",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"DATE_PUBLIC": "2021-05-25T00:00:00.000Z",
"ID": "CVE-2021-32547",
"STATE": "PUBLIC",
"TITLE": "apport read_file() function could follow maliciously constructed symbolic links"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "apport",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "2.20.1",
"version_value": "2.20.1-0ubuntu2.30+esm1"
},
{
"version_affected": "\u003c",
"version_name": "2.20.9",
"version_value": "2.20.9-0ubuntu7.24"
},
{
"version_affected": "\u003c",
"version_name": "2.20.11-0ubuntu27",
"version_value": "2.20.11-0ubuntu27.18"
},
{
"version_affected": "\u003c",
"version_name": "2.20.11-0ubuntu50",
"version_value": "2.20.11-0ubuntu50.7"
},
{
"version_affected": "\u003c",
"version_name": "2.20.11-0ubuntu65",
"version_value": "2.20.11-0ubuntu65.1"
},
{
"version_affected": "\u003c",
"version_name": "2.14.1-0ubuntu3",
"version_value": "2.14.1-0ubuntu3.29+esm7"
}
]
}
}
]
},
"vendor_name": "Canonical"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "maik@secfault-security.com (@fktio)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-lts package apport hooks, it could expose private data to other local users."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-61 UNIX Symbolic Link (Symlink) Following"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904",
"refsource": "MISC",
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
}
]
},
"source": {
"advisory": "https://ubuntu.com/security/notices/USN-4965-1",
"defect": [
"https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
],
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2021-32547",
"datePublished": "2021-06-12T03:40:36.400946Z",
"dateReserved": "2021-05-10T00:00:00",
"dateUpdated": "2024-09-17T03:18:22.707Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-5467 (GCVE-0-2025-5467)
Vulnerability from cvelistv5 – Published: 2025-12-10 18:00 – Updated: 2025-12-10 18:45
VLAI?
Title
Ubuntu Apport Insecure File Permissions Vulnerability
Summary
It was discovered that process_crash() in data/apport in Canonical's Apport crash reporting tool may create crash files with incorrect group ownership, possibly exposing crash information beyond expected or intended groups.
Severity ?
CWE
- CWE-708 - Incorrect Ownership Assignment
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Canonical | apport |
Affected:
2.20.11-0ubuntu82 , < 2.20.11-0ubuntu82.7
(dpkg)
Affected: 2.32.0 , < 2.32.0-0ubuntu5.1 (dpkg) Affected: 2.20.9 , < 2.20.9-0ubuntu7.29+esm1 (dpkg) Affected: 2.28.1 , < 2.28.1-0ubuntu3.6 (dpkg) Affected: 2.33.0 , < 2.33.0-0ubuntu1 (dpkg) Affected: 2.20.1 , < 2.20.1-0ubuntu2.30+esm5 (dpkg) Affected: 2.20.11-0ubuntu27 , < 2.20.11-0ubuntu27.28 (dpkg) |
Credits
Rich Mirch
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5467",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-10T18:33:45.578963Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-10T18:45:08.960Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://launchpad.net/ubuntu/+source/",
"defaultStatus": "unaffected",
"packageName": "apport",
"product": "apport",
"programFiles": [
"data/apport"
],
"programRoutines": [
{
"name": "process_crash()"
}
],
"vendor": "Canonical",
"versions": [
{
"lessThan": "2.20.11-0ubuntu82.7",
"status": "affected",
"version": "2.20.11-0ubuntu82",
"versionType": "dpkg"
},
{
"lessThan": "2.32.0-0ubuntu5.1",
"status": "affected",
"version": "2.32.0",
"versionType": "dpkg"
},
{
"lessThan": "2.20.9-0ubuntu7.29+esm1",
"status": "affected",
"version": "2.20.9",
"versionType": "dpkg"
},
{
"lessThan": "2.28.1-0ubuntu3.6",
"status": "affected",
"version": "2.28.1",
"versionType": "dpkg"
},
{
"lessThan": "2.33.0-0ubuntu1",
"status": "affected",
"version": "2.33.0",
"versionType": "dpkg"
},
{
"lessThan": "2.20.1-0ubuntu2.30+esm5",
"status": "affected",
"version": "2.20.1",
"versionType": "dpkg"
},
{
"lessThan": "2.20.11-0ubuntu27.28",
"status": "affected",
"version": "2.20.11-0ubuntu27",
"versionType": "dpkg"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Rich Mirch"
}
],
"datePublic": "2025-06-02T17:36:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "It was discovered that process_crash() in data/apport in Canonical\u0027s Apport crash reporting tool may create crash files with incorrect group ownership, possibly exposing crash information beyond expected or intended groups."
}
],
"value": "It was discovered that process_crash() in data/apport in Canonical\u0027s Apport crash reporting tool may create crash files with incorrect group ownership, possibly exposing crash information beyond expected or intended groups."
}
],
"impacts": [
{
"capecId": "CAPEC-639",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-639: Probe System Files"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "LOCAL",
"baseScore": 1.9,
"baseSeverity": "LOW",
"exploitMaturity": "PROOF_OF_CONCEPT",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-708",
"description": "CWE-708: Incorrect Ownership Assignment",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-10T18:00:35.967Z",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"url": "https://www.stratascale.com/resource/cve-2025-32462-ubuntu-apport-vulnerability/"
},
{
"url": "https://bugs.launchpad.net/apport/+bug/2106338"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Ubuntu Apport Insecure File Permissions Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2025-5467",
"datePublished": "2025-12-10T18:00:35.967Z",
"dateReserved": "2025-06-02T12:03:56.269Z",
"dateUpdated": "2025-12-10T18:45:08.960Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-5054 (GCVE-0-2025-5054)
Vulnerability from cvelistv5 – Published: 2025-05-30 17:37 – Updated: 2025-11-03 20:05
VLAI?
Title
Race Condition in Canonical Apport
Summary
Race condition in Canonical apport up to and including 2.32.0 allows a local attacker to leak sensitive information via PID-reuse by leveraging namespaces.
When handling a crash, the function `_check_global_pid_and_forward`, which detects if the crashing process resided in a container, was being called before `consistency_checks`, which attempts to detect if the crashing process had been replaced. Because of this, if a process crashed and was quickly replaced with a containerized one, apport could be made to forward the core dump to the container, potentially leaking sensitive information. `consistency_checks` is now being called before `_check_global_pid_and_forward`. Additionally, given that the PID-reuse race condition cannot be reliably detected from userspace alone, crashes are only forwarded to containers if the kernel provided a pidfd, or if the crashing process was unprivileged (i.e., if dump mode == 1).
Severity ?
4.7 (Medium)
CWE
- CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Canonical | Apport |
Affected:
2.20.1 , < 2.20.1-0ubuntu2.30+esm5
(dpkg)
Affected: 2.20.9 , < 2.20.9-0ubuntu7.29+esm1 (dpkg) Affected: 2.20.11 , < 2.20.11-0ubuntu27.28 (dpkg) Affected: 2.20.11 , < 2.20.11-0ubuntu82.7 (dpkg) Affected: 2.28.1 , < 2.28.1-0ubuntu3.6 (dpkg) Affected: 2.30.0 , < 2.30.0-0ubuntu4.3 (dpkg) Affected: 2.32.0 , < 2.32.0-0ubuntu5.1 (dpkg) Affected: 2.32.0 , < 2.33.0-0ubuntu1 (dpkg) Affected: 2.20 , ≤ 2.32.0 (semver) |
Credits
Qualys Threat Research Unit (TRU)
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-5054",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-30T17:59:23.055492Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-30T17:59:52.521Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-03T20:05:43.609Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://seclists.org/fulldisclosure/2025/Jun/9"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://launchpad.net/apport",
"defaultStatus": "unaffected",
"packageName": "apport",
"platforms": [
"Linux"
],
"product": "Apport",
"repo": "https://git.launchpad.net/apport",
"vendor": "Canonical",
"versions": [
{
"lessThan": "2.20.1-0ubuntu2.30+esm5",
"status": "affected",
"version": "2.20.1",
"versionType": "dpkg"
},
{
"lessThan": "2.20.9-0ubuntu7.29+esm1",
"status": "affected",
"version": "2.20.9",
"versionType": "dpkg"
},
{
"lessThan": "2.20.11-0ubuntu27.28",
"status": "affected",
"version": "2.20.11",
"versionType": "dpkg"
},
{
"lessThan": "2.20.11-0ubuntu82.7",
"status": "affected",
"version": "2.20.11",
"versionType": "dpkg"
},
{
"lessThan": "2.28.1-0ubuntu3.6",
"status": "affected",
"version": "2.28.1",
"versionType": "dpkg"
},
{
"lessThan": "2.30.0-0ubuntu4.3",
"status": "affected",
"version": "2.30.0",
"versionType": "dpkg"
},
{
"lessThan": "2.32.0-0ubuntu5.1",
"status": "affected",
"version": "2.32.0",
"versionType": "dpkg"
},
{
"lessThan": "2.33.0-0ubuntu1",
"status": "affected",
"version": "2.32.0",
"versionType": "dpkg"
},
{
"lessThanOrEqual": "2.32.0",
"status": "affected",
"version": "2.20",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "reporter",
"value": "Qualys Threat Research Unit (TRU)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eRace condition in Canonical apport up to and including 2.32.0 allows a local attacker to leak sensitive information via PID-reuse by leveraging namespaces.\u003c/div\u003e\u003cdiv\u003e\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003eWhen handling a crash, the function `_check_global_pid_and_forward`, which detects if the crashing process resided in a container, was being called before `consistency_checks`, which attempts to detect if the crashing process had been replaced. Because of this, if a process crashed and was quickly replaced with a containerized one, apport could be made to forward the core dump to the container, potentially leaking sensitive information. `consistency_checks` is now being called before `_check_global_pid_and_forward`. Additionally, given that the PID-reuse race condition cannot be reliably detected from userspace alone, crashes are only forwarded to containers if the kernel provided a pidfd, or if the crashing process was unprivileged (i.e., if dump mode == 1).\u003c/div\u003e"
}
],
"value": "Race condition in Canonical apport up to and including 2.32.0 allows a local attacker to leak sensitive information via PID-reuse by leveraging namespaces.\n\n\n\n\nWhen handling a crash, the function `_check_global_pid_and_forward`, which detects if the crashing process resided in a container, was being called before `consistency_checks`, which attempts to detect if the crashing process had been replaced. Because of this, if a process crashed and was quickly replaced with a containerized one, apport could be made to forward the core dump to the container, potentially leaking sensitive information. `consistency_checks` is now being called before `_check_global_pid_and_forward`. Additionally, given that the PID-reuse race condition cannot be reliably detected from userspace alone, crashes are only forwarded to containers if the kernel provided a pidfd, or if the crashing process was unprivileged (i.e., if dump mode == 1)."
}
],
"impacts": [
{
"capecId": "CAPEC-26",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-26 Leveraging Race Conditions"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-362",
"description": "CWE-362 Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-09T16:23:28.514Z",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://ubuntu.com/security/notices/USN-7545-1"
},
{
"tags": [
"vdb-entry"
],
"url": "https://ubuntu.com/security/CVE-2025-5054"
},
{
"tags": [
"third-party-advisory"
],
"url": "https://www.qualys.com/2025/05/29/apport-coredump/apport-coredump.txt"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Race Condition in Canonical Apport"
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2025-5054",
"datePublished": "2025-05-30T17:37:01.006Z",
"dateReserved": "2025-05-21T14:00:55.371Z",
"dateUpdated": "2025-11-03T20:05:43.609Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2020-11936 (GCVE-0-2020-11936)
Vulnerability from cvelistv5 – Published: 2025-01-31 01:18 – Updated: 2025-02-07 16:08
VLAI?
Summary
gdbus setgid privilege escalation
Severity ?
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Canonical Ltd. | Apport |
Affected:
0 , < 2.20.11-0ubuntu27.6
(semver)
|
Credits
Ryota Shiga
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2020-11936",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-07T15:58:53.328091Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-07T16:08:28.466Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"packageName": "apport",
"platforms": [
"Linux"
],
"product": "Apport",
"repo": "https://github.com/canonical/apport",
"vendor": "Canonical Ltd.",
"versions": [
{
"lessThan": "2.20.11-0ubuntu27.6",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Ryota Shiga"
}
],
"descriptions": [
{
"lang": "en",
"value": "gdbus setgid privilege escalation"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.1,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-31T01:34:55.184Z",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"tags": [
"issue-tracking"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1885633"
},
{
"tags": [
"issue-tracking"
],
"url": "https://www.cve.org/CVERecord?id=CVE-2020-11936"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2020-11936",
"datePublished": "2025-01-31T01:18:21.509Z",
"dateReserved": "2020-04-20T00:00:00.000Z",
"dateUpdated": "2025-02-07T16:08:28.466Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-28653 (GCVE-0-2022-28653)
Vulnerability from cvelistv5 – Published: 2025-01-31 00:50 – Updated: 2025-02-07 15:56
VLAI?
Summary
Users can consume unlimited disk space in /var/crash
Severity ?
7.5 (High)
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Canonical Ltd. | Apport |
Affected:
0 , < 2.21.0
(semver)
|
Credits
Gerrit Venema
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-28653",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-07T15:56:07.428006Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-noinfo Not enough information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-02-07T15:56:12.162Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"packageName": "apport",
"platforms": [
"Linux"
],
"product": "Apport",
"repo": "https://github.com/canonical/apport",
"vendor": "Canonical Ltd.",
"versions": [
{
"lessThan": "2.21.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Gerrit Venema"
}
],
"descriptions": [
{
"lang": "en",
"value": "Users can consume unlimited disk space in /var/crash"
}
],
"providerMetadata": {
"dateUpdated": "2025-01-31T00:50:49.677Z",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"tags": [
"issue-tracking"
],
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28653"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2022-28653",
"datePublished": "2025-01-31T00:50:49.677Z",
"dateReserved": "2022-04-05T02:16:30.819Z",
"dateUpdated": "2025-02-07T15:56:12.162Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-1242 (GCVE-0-2022-1242)
Vulnerability from cvelistv5 – Published: 2024-06-03 18:48 – Updated: 2025-03-27 19:31
VLAI?
Summary
Apport can be tricked into connecting to arbitrary sockets as the root user
Severity ?
7.8 (High)
CWE
- CWE-20 - Improper Input Validation
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Canonical Ltd. | Apport |
Affected:
0 , < 2.21.0
(semver)
|
Credits
Gerrit Venema
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2022-1242",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-06-04T20:28:52.542056Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-20",
"description": "CWE-20 Improper Input Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-27T19:31:12.082Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T23:55:24.448Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://ubuntu.com/security/notices/USN-5427-1"
},
{
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1242"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"packageName": "apport",
"platforms": [
"Linux"
],
"product": "Apport",
"repo": "https://github.com/canonical/apport",
"vendor": "Canonical Ltd.",
"versions": [
{
"lessThan": "2.21.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Gerrit Venema"
}
],
"descriptions": [
{
"lang": "en",
"value": "Apport can be tricked into connecting to arbitrary sockets as the root user"
}
],
"providerMetadata": {
"dateUpdated": "2024-06-03T18:48:02.281Z",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"tags": [
"vendor-advisory"
],
"url": "https://ubuntu.com/security/notices/USN-5427-1"
},
{
"tags": [
"issue-tracking"
],
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1242"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2022-1242",
"datePublished": "2024-06-03T18:48:02.281Z",
"dateReserved": "2022-04-05T14:45:10.551Z",
"dateUpdated": "2025-03-27T19:31:12.082Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-3899 (GCVE-0-2021-3899)
Vulnerability from cvelistv5 – Published: 2024-06-03 18:40 – Updated: 2024-08-19 14:10
VLAI?
Summary
There is a race condition in the 'replaced executable' detection that, with the correct local configuration, allow an attacker to execute arbitrary code as root.
Severity ?
7.8 (High)
CWE
- CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition
Assigner
References
| URL | Tags | ||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Canonical Ltd. | Apport |
Affected:
0 , < 2.21.0
(semver)
|
Credits
Muqing Liu from Singurlar Security Lab
neoni
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:09:09.767Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1948376"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://ubuntu.com/security/notices/USN-5427-1"
},
{
"tags": [
"issue-tracking",
"x_transferred"
],
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3899"
}
],
"title": "CVE Program Container"
},
{
"affected": [
{
"cpes": [
"cpe:2.3:a:apport:apport:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "apport",
"vendor": "apport",
"versions": [
{
"lessThan": "2.21.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2021-3899",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-19T14:09:25.391252Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-367",
"description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-19T14:10:41.358Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"packageName": "apport",
"platforms": [
"Linux"
],
"product": "Apport",
"repo": "https://github.com/canonical/apport",
"vendor": "Canonical Ltd.",
"versions": [
{
"lessThan": "2.21.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Muqing Liu from Singurlar Security Lab"
},
{
"lang": "en",
"type": "finder",
"value": "neoni"
}
],
"descriptions": [
{
"lang": "en",
"value": "There is a race condition in the \u0027replaced executable\u0027 detection that, with the correct local configuration, allow an attacker to execute arbitrary code as root."
}
],
"providerMetadata": {
"dateUpdated": "2024-06-03T18:40:32.847Z",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"tags": [
"issue-tracking"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1948376"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://ubuntu.com/security/notices/USN-5427-1"
},
{
"tags": [
"issue-tracking"
],
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3899"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2021-3899",
"datePublished": "2024-06-03T18:40:32.847Z",
"dateReserved": "2021-10-23T01:51:35.297Z",
"dateUpdated": "2024-08-19T14:10:41.358Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-1326 (GCVE-0-2023-1326)
Vulnerability from cvelistv5 – Published: 2023-04-13 22:35 – Updated: 2025-02-07 15:54
VLAI?
Title
local privilege escalation in apport-cli
Summary
A privilege escalation attack was found in apport-cli 2.26.0 and earlier which is similar to CVE-2023-26604. If a system is specially configured to allow unprivileged users to run sudo apport-cli, less is configured as the pager, and the terminal size can be set: a local attacker can escalate privilege. It is extremely unlikely that a system administrator would configure sudo to allow unprivileged users to perform this class of exploit.
Severity ?
7.7 (High)
CWE
Assigner
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Canonical Ltd. | Apport |
Affected:
0 , ≤ 2.26.0
(semver)
|
Credits
Chen Lu
Lei Wang
YiQi Sun
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T05:40:59.987Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"patch",
"x_transferred"
],
"url": "https://github.com/canonical/apport/commit/e5f78cc89f1f5888b6a56b785dddcb0364c48ecb"
},
{
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://ubuntu.com/security/notices/USN-6018-1"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-1326",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-07T15:54:40.471465Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-07T15:54:48.365Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://github.com/canonical/apport/tags",
"packageName": "apport",
"platforms": [
"Linux"
],
"product": "Apport",
"repo": "https://github.com/canonical/apport/",
"vendor": "Canonical Ltd.",
"versions": [
{
"lessThanOrEqual": "2.26.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Chen Lu"
},
{
"lang": "en",
"type": "finder",
"value": "Lei Wang"
},
{
"lang": "en",
"type": "finder",
"value": "YiQi Sun"
}
],
"datePublic": "2023-04-13T12:33:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A privilege escalation attack was found in apport-cli 2.26.0 and earlier which is similar to CVE-2023-26604. If a system is specially configured to allow unprivileged users to run sudo apport-cli, less is configured as the pager, and the terminal size can be set: a local attacker can escalate privilege. It is extremely unlikely that a system administrator would configure sudo to allow unprivileged users to perform this class of exploit."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-04-18T14:55:54.874Z",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"tags": [
"patch"
],
"url": "https://github.com/canonical/apport/commit/e5f78cc89f1f5888b6a56b785dddcb0364c48ecb"
},
{
"tags": [
"vendor-advisory"
],
"url": "https://ubuntu.com/security/notices/USN-6018-1"
}
],
"title": "local privilege escalation in apport-cli"
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2023-1326",
"datePublished": "2023-04-13T22:35:19.704Z",
"dateReserved": "2023-03-10T16:17:04.430Z",
"dateUpdated": "2025-02-07T15:54:48.365Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-3710 (GCVE-0-2021-3710)
Vulnerability from cvelistv5 – Published: 2021-10-01 02:35 – Updated: 2024-09-17 01:41
VLAI?
Title
Apport info disclosure via path traversal bug in read_file
Summary
An information disclosure via path traversal was discovered in apport/hookutils.py function read_file(). This issue affects: apport 2.14.1 versions prior to 2.14.1-0ubuntu3.29+esm8; 2.20.1 versions prior to 2.20.1-0ubuntu2.30+esm2; 2.20.9 versions prior to 2.20.9-0ubuntu7.26; 2.20.11 versions prior to 2.20.11-0ubuntu27.20; 2.20.11 versions prior to 2.20.11-0ubuntu65.3;
Severity ?
6.5 (Medium)
CWE
- CWE-24 - Path Traversal: '../filedir'
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
Credits
Stephen Röttger (@_tsuro)
Maik Münch (maik@secfault-security.com)(@fktio)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:01:08.314Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ubuntu.com/security/notices/USN-5077-1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ubuntu.com/security/notices/USN-5077-2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3710"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1933832"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "apport",
"vendor": "Canonical",
"versions": [
{
"lessThan": "2.14.1-0ubuntu3.29+esm8",
"status": "affected",
"version": "2.14.1",
"versionType": "custom"
},
{
"lessThan": "2.20.1-0ubuntu2.30+esm2",
"status": "affected",
"version": "2.20.1",
"versionType": "custom"
},
{
"lessThan": "2.20.9-0ubuntu7.26",
"status": "affected",
"version": "2.20.9",
"versionType": "custom"
},
{
"changes": [
{
"at": "2.20.11-0ubuntu65.3",
"status": "unaffected"
}
],
"lessThan": "2.20.11-0ubuntu27.20",
"status": "affected",
"version": "2.20.11",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Stephen R\u00f6ttger (@_tsuro)"
},
{
"lang": "en",
"value": "Maik M\u00fcnch (maik@secfault-security.com)(@fktio)"
}
],
"datePublic": "2021-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "An information disclosure via path traversal was discovered in apport/hookutils.py function read_file(). This issue affects: apport 2.14.1 versions prior to 2.14.1-0ubuntu3.29+esm8; 2.20.1 versions prior to 2.20.1-0ubuntu2.30+esm2; 2.20.9 versions prior to 2.20.9-0ubuntu7.26; 2.20.11 versions prior to 2.20.11-0ubuntu27.20; 2.20.11 versions prior to 2.20.11-0ubuntu65.3;"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-24",
"description": "CWE-24 Path Traversal: \u0027../filedir\u0027",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-01T02:35:22",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ubuntu.com/security/notices/USN-5077-1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ubuntu.com/security/notices/USN-5077-2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3710"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1933832"
}
],
"source": {
"advisory": "https://ubuntu.com/security/notices/USN-5077-1",
"defect": [
"https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1933832"
],
"discovery": "EXTERNAL"
},
"title": "Apport info disclosure via path traversal bug in read_file",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"DATE_PUBLIC": "2021-09-14T00:00:00.000Z",
"ID": "CVE-2021-3710",
"STATE": "PUBLIC",
"TITLE": "Apport info disclosure via path traversal bug in read_file"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "apport",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "2.14.1",
"version_value": "2.14.1-0ubuntu3.29+esm8"
},
{
"version_affected": "\u003c",
"version_name": "2.20.1",
"version_value": "2.20.1-0ubuntu2.30+esm2"
},
{
"version_affected": "\u003c",
"version_name": "2.20.9",
"version_value": "2.20.9-0ubuntu7.26"
},
{
"version_affected": "\u003c",
"version_name": "2.20.11",
"version_value": "2.20.11-0ubuntu27.20"
},
{
"version_affected": "\u003c",
"version_name": "2.20.11",
"version_value": "2.20.11-0ubuntu65.3"
}
]
}
}
]
},
"vendor_name": "Canonical"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Stephen R\u00f6ttger (@_tsuro)"
},
{
"lang": "eng",
"value": "Maik M\u00fcnch (maik@secfault-security.com)(@fktio)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure via path traversal was discovered in apport/hookutils.py function read_file(). This issue affects: apport 2.14.1 versions prior to 2.14.1-0ubuntu3.29+esm8; 2.20.1 versions prior to 2.20.1-0ubuntu2.30+esm2; 2.20.9 versions prior to 2.20.9-0ubuntu7.26; 2.20.11 versions prior to 2.20.11-0ubuntu27.20; 2.20.11 versions prior to 2.20.11-0ubuntu65.3;"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-24 Path Traversal: \u0027../filedir\u0027"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://ubuntu.com/security/notices/USN-5077-1",
"refsource": "MISC",
"url": "https://ubuntu.com/security/notices/USN-5077-1"
},
{
"name": "https://ubuntu.com/security/notices/USN-5077-2",
"refsource": "MISC",
"url": "https://ubuntu.com/security/notices/USN-5077-2"
},
{
"name": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3710",
"refsource": "MISC",
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3710"
},
{
"name": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1933832",
"refsource": "MISC",
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1933832"
}
]
},
"source": {
"advisory": "https://ubuntu.com/security/notices/USN-5077-1",
"defect": [
"https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1933832"
],
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2021-3710",
"datePublished": "2021-10-01T02:35:22.911127Z",
"dateReserved": "2021-08-16T00:00:00",
"dateUpdated": "2024-09-17T01:41:25.529Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-3709 (GCVE-0-2021-3709)
Vulnerability from cvelistv5 – Published: 2021-10-01 02:35 – Updated: 2024-09-16 23:31
VLAI?
Title
Apport file permission bypass through emacs byte compilation errors
Summary
Function check_attachment_for_errors() in file data/general-hooks/ubuntu.py could be tricked into exposing private data via a constructed crash file. This issue affects: apport 2.14.1 versions prior to 2.14.1-0ubuntu3.29+esm8; 2.20.1 versions prior to 2.20.1-0ubuntu2.30+esm2; 2.20.9 versions prior to 2.20.9-0ubuntu7.26; 2.20.11 versions prior to 2.20.11-0ubuntu27.20; 2.20.11 versions prior to 2.20.11-0ubuntu65.3;
Severity ?
6.5 (Medium)
CWE
- CWE-538 - File and Directory Information Exposure
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
Credits
Maik Münch (maik@secfault-security.com)(@fktio)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T17:01:08.330Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3709"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ubuntu.com/security/notices/USN-5077-1"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://ubuntu.com/security/notices/USN-5077-2"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1934308"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "apport",
"vendor": "Canonical",
"versions": [
{
"lessThan": "2.14.1-0ubuntu3.29+esm8",
"status": "affected",
"version": "2.14.1",
"versionType": "custom"
},
{
"lessThan": "2.20.1-0ubuntu2.30+esm2",
"status": "affected",
"version": "2.20.1",
"versionType": "custom"
},
{
"lessThan": "2.20.9-0ubuntu7.26",
"status": "affected",
"version": "2.20.9",
"versionType": "custom"
},
{
"changes": [
{
"at": "2.20.11-0ubuntu65.3",
"status": "unaffected"
}
],
"lessThan": "2.20.11-0ubuntu27.20",
"status": "affected",
"version": "2.20.11",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Maik M\u00fcnch (maik@secfault-security.com)(@fktio)"
}
],
"datePublic": "2021-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Function check_attachment_for_errors() in file data/general-hooks/ubuntu.py could be tricked into exposing private data via a constructed crash file. This issue affects: apport 2.14.1 versions prior to 2.14.1-0ubuntu3.29+esm8; 2.20.1 versions prior to 2.20.1-0ubuntu2.30+esm2; 2.20.9 versions prior to 2.20.9-0ubuntu7.26; 2.20.11 versions prior to 2.20.11-0ubuntu27.20; 2.20.11 versions prior to 2.20.11-0ubuntu65.3;"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-538",
"description": "CWE-538 File and Directory Information Exposure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-10-01T02:35:21",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3709"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ubuntu.com/security/notices/USN-5077-1"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://ubuntu.com/security/notices/USN-5077-2"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1934308"
}
],
"source": {
"advisory": "https://ubuntu.com/security/notices/USN-5077-1",
"defect": [
"https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1934308"
],
"discovery": "EXTERNAL"
},
"title": "Apport file permission bypass through emacs byte compilation errors",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"DATE_PUBLIC": "2021-09-14T00:00:00.000Z",
"ID": "CVE-2021-3709",
"STATE": "PUBLIC",
"TITLE": "Apport file permission bypass through emacs byte compilation errors"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "apport",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "2.14.1",
"version_value": "2.14.1-0ubuntu3.29+esm8"
},
{
"version_affected": "\u003c",
"version_name": "2.20.1",
"version_value": "2.20.1-0ubuntu2.30+esm2"
},
{
"version_affected": "\u003c",
"version_name": "2.20.9",
"version_value": "2.20.9-0ubuntu7.26"
},
{
"version_affected": "\u003c",
"version_name": "2.20.11",
"version_value": "2.20.11-0ubuntu27.20"
},
{
"version_affected": "\u003c",
"version_name": "2.20.11",
"version_value": "2.20.11-0ubuntu65.3"
}
]
}
}
]
},
"vendor_name": "Canonical"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "Maik M\u00fcnch (maik@secfault-security.com)(@fktio)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Function check_attachment_for_errors() in file data/general-hooks/ubuntu.py could be tricked into exposing private data via a constructed crash file. This issue affects: apport 2.14.1 versions prior to 2.14.1-0ubuntu3.29+esm8; 2.20.1 versions prior to 2.20.1-0ubuntu2.30+esm2; 2.20.9 versions prior to 2.20.9-0ubuntu7.26; 2.20.11 versions prior to 2.20.11-0ubuntu27.20; 2.20.11 versions prior to 2.20.11-0ubuntu65.3;"
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-538 File and Directory Information Exposure"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3709",
"refsource": "MISC",
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3709"
},
{
"name": "https://ubuntu.com/security/notices/USN-5077-1",
"refsource": "MISC",
"url": "https://ubuntu.com/security/notices/USN-5077-1"
},
{
"name": "https://ubuntu.com/security/notices/USN-5077-2",
"refsource": "MISC",
"url": "https://ubuntu.com/security/notices/USN-5077-2"
},
{
"name": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1934308",
"refsource": "MISC",
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1934308"
}
]
},
"source": {
"advisory": "https://ubuntu.com/security/notices/USN-5077-1",
"defect": [
"https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1934308"
],
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2021-3709",
"datePublished": "2021-10-01T02:35:21.228849Z",
"dateReserved": "2021-08-16T00:00:00",
"dateUpdated": "2024-09-16T23:31:13.094Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-32557 (GCVE-0-2021-32557)
Vulnerability from cvelistv5 – Published: 2021-06-12 03:40 – Updated: 2024-09-16 17:53
VLAI?
Title
apport process_report() arbitrary file write
Summary
It was discovered that the process_report() function in data/whoopsie-upload-all allowed arbitrary file writes via symlinks.
Severity ?
5.2 (Medium)
CWE
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Canonical | apport |
Affected:
2.20.1 , < 2.20.1-0ubuntu2.30+esm1
(custom)
Affected: 2.20.9 , < 2.20.9-0ubuntu7.24 (custom) Affected: 2.20.11-0ubuntu27 , < 2.20.11-0ubuntu27.18 (custom) Affected: 2.20.11-0ubuntu50 , < 2.20.11-0ubuntu50.7 (custom) Affected: 2.20.11-0ubuntu65 , < 2.20.11-0ubuntu65.1 (custom) Affected: 2.14.1-0ubuntu3 , < 2.14.1-0ubuntu3.29+esm7 (custom) |
Credits
maik@secfault-security.com (@fktio)
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T23:25:29.927Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "apport",
"vendor": "Canonical",
"versions": [
{
"lessThan": "2.20.1-0ubuntu2.30+esm1",
"status": "affected",
"version": "2.20.1",
"versionType": "custom"
},
{
"lessThan": "2.20.9-0ubuntu7.24",
"status": "affected",
"version": "2.20.9",
"versionType": "custom"
},
{
"lessThan": "2.20.11-0ubuntu27.18",
"status": "affected",
"version": "2.20.11-0ubuntu27",
"versionType": "custom"
},
{
"lessThan": "2.20.11-0ubuntu50.7",
"status": "affected",
"version": "2.20.11-0ubuntu50",
"versionType": "custom"
},
{
"lessThan": "2.20.11-0ubuntu65.1",
"status": "affected",
"version": "2.20.11-0ubuntu65",
"versionType": "custom"
},
{
"lessThan": "2.14.1-0ubuntu3.29+esm7",
"status": "affected",
"version": "2.14.1-0ubuntu3",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "maik@secfault-security.com (@fktio)"
}
],
"datePublic": "2021-05-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "It was discovered that the process_report() function in data/whoopsie-upload-all allowed arbitrary file writes via symlinks."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-59",
"description": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-61",
"description": "CWE-61 UNIX Symbolic Link (Symlink) Following",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-06-12T03:40:43",
"orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"shortName": "canonical"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
}
],
"source": {
"advisory": "https://ubuntu.com/security/notices/USN-4965-1",
"defect": [
"https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
],
"discovery": "EXTERNAL"
},
"title": "apport process_report() arbitrary file write",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@ubuntu.com",
"DATE_PUBLIC": "2021-05-25T00:00:00.000Z",
"ID": "CVE-2021-32557",
"STATE": "PUBLIC",
"TITLE": "apport process_report() arbitrary file write"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "apport",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "2.20.1",
"version_value": "2.20.1-0ubuntu2.30+esm1"
},
{
"version_affected": "\u003c",
"version_name": "2.20.9",
"version_value": "2.20.9-0ubuntu7.24"
},
{
"version_affected": "\u003c",
"version_name": "2.20.11-0ubuntu27",
"version_value": "2.20.11-0ubuntu27.18"
},
{
"version_affected": "\u003c",
"version_name": "2.20.11-0ubuntu50",
"version_value": "2.20.11-0ubuntu50.7"
},
{
"version_affected": "\u003c",
"version_name": "2.20.11-0ubuntu65",
"version_value": "2.20.11-0ubuntu65.1"
},
{
"version_affected": "\u003c",
"version_name": "2.14.1-0ubuntu3",
"version_value": "2.14.1-0ubuntu3.29+esm7"
}
]
}
}
]
},
"vendor_name": "Canonical"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "maik@secfault-security.com (@fktio)"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "It was discovered that the process_report() function in data/whoopsie-upload-all allowed arbitrary file writes via symlinks."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-59 Improper Link Resolution Before File Access (\u0027Link Following\u0027)"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "CWE-61 UNIX Symbolic Link (Symlink) Following"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904",
"refsource": "MISC",
"url": "https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
}
]
},
"source": {
"advisory": "https://ubuntu.com/security/notices/USN-4965-1",
"defect": [
"https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904"
],
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
"assignerShortName": "canonical",
"cveId": "CVE-2021-32557",
"datePublished": "2021-06-12T03:40:43.352244Z",
"dateReserved": "2021-05-10T00:00:00",
"dateUpdated": "2024-09-16T17:53:05.508Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}