Unhandled exception in check_ignored()
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Apport |
Fix Released
|
Critical
|
Unassigned | ||
apport (Ubuntu) |
Fix Released
|
Medium
|
Unassigned |
Bug Description
Hi,
I have found a security issue on apport 2.20.11 and earlier.
## Vulnerability
apport 2.20.11 and earlier have an unhandled exception vulnerability during parsing apport-ignore.xml.
An attacker can cause a denial of service (i.e., application crash) via a crafted apport-ignore.xml file.
## Description
Reports can be suppressed by blacklisting in apport-ignore.xml.
This is an example of apport-ignore.xml
<?xml version="1.0" ?>
<apport>
<ignore mtime="1461374304" program=
<ignore mtime="1453471676" program=
<ignore mtime="1452699271" program=
</apport>
Unfortunately, it may cause an unhandled exception when 'mtime' attribute is specified as a string value, not a number like this.
<?xml version="1.0" ?>
<apport>
<ignore mtime="string" program=
</apport>
It may disrupt apport service and allow an attacker to potentially enable a denial of service via local access.
The flaw lies in improper exception handling of 'mtime' attribute in apport-ignore.xml (see https:/
## Log
Here is /var/log/apport.log when the above exception occurs.
ERROR: apport (pid 25904) Tue May 5 18:38:21 2020: Unhandled exception:
Traceback (most recent call last):
File "/usr/share/
if info.check_
File "/usr/lib/
if float(ignore.
ValueError: could not convert string to float: 'string'
Sincerely,
Related branches
CVE References
description: | updated |
information type: | Private Security → Public Security |
affects: | apport → apport (Ubuntu) |
Changed in apport (Ubuntu): | |
importance: | Undecided → Medium |
status: | New → Confirmed |
Changed in apport: | |
milestone: | none → 2.21.0 |
importance: | Undecided → Critical |
status: | New → Fix Released |
Uncaught exception on malformed XML declaration.
Invalid data in the XML declaration causes an exception of a type that was not handled properly in the parser and leads an unexpected exception.
Please check the attached patch.