CVE 2015-1341
Any Python module in sys.path can be imported if the command line of the process triggering the coredump is Python and the first argument is -m in Apport before 2.19.2 function _python_
Related bugs and status
CVE-2015-1341 (Candidate) is related to these bugs:
Bug #1500450: /usr/share/apport/package_hook:FileExistsError:/usr/share/apport/package_hook@64:make_report_file
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1500450 | /usr/share/apport/package_hook:FileExistsError:/usr/share/apport/package_hook@64:make_report_file | apport (Ubuntu) | Low | Fix Released | ||
1500450 | /usr/share/apport/package_hook:FileExistsError:/usr/share/apport/package_hook@64:make_report_file | apport (Ubuntu Precise) | Medium | Fix Released | ||
1500450 | /usr/share/apport/package_hook:FileExistsError:/usr/share/apport/package_hook@64:make_report_file | apport (Ubuntu Vivid) | High | Fix Released | ||
1500450 | /usr/share/apport/package_hook:FileExistsError:/usr/share/apport/package_hook@64:make_report_file | apport (Ubuntu Trusty) | High | Fix Released |
Bug #1507480: Privilege escalation through Python module imports
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1507480 | Privilege escalation through Python module imports | apport (Ubuntu) | High | Fix Released | ||
1507480 | Privilege escalation through Python module imports | Apport | High | Fix Released | ||
1507480 | Privilege escalation through Python module imports | apport (Ubuntu Wily) | High | Fix Released | ||
1507480 | Privilege escalation through Python module imports | apport (Ubuntu Trusty) | High | Fix Released | ||
1507480 | Privilege escalation through Python module imports | apport (Ubuntu Precise) | High | Fix Released | ||
1507480 | Privilege escalation through Python module imports | apport (Ubuntu Vivid) | High | Fix Released | ||
1507480 | Privilege escalation through Python module imports | apport (Ubuntu Xenial) | High | Fix Released |
See the
CVE page on Mitre.org
for more details.