CVE 2019-11483
Sander Bos discovered Apport mishandled crash dumps originating from containers. This could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user.
Related bugs and status
CVE-2019-11483 (Candidate) is related to these bugs:
Bug #1830862: Apport reads arbitrary files if ~/.config/apport/settings is a symlink
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1830862 | Apport reads arbitrary files if ~/.config/apport/settings is a symlink | apport (Ubuntu) | Undecided | Fix Released | ||
1830862 | Apport reads arbitrary files if ~/.config/apport/settings is a symlink | Apport | Critical | Fix Released |
Bug #1839413: TOCTTOU ("time of check to time of use") "cwd" variable race condition
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1839413 | TOCTTOU ("time of check to time of use") "cwd" variable race condition | Apport | High | Fix Released | ||
1839413 | TOCTTOU ("time of check to time of use") "cwd" variable race condition | apport (Ubuntu) | High | Fix Released |
Bug #1839415: Fully user controllable lock file due to lock file being located in world-writable directory
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1839415 | Fully user controllable lock file due to lock file being located in world-writable directory | Apport | Low | Fix Released | ||
1839415 | Fully user controllable lock file due to lock file being located in world-writable directory | apport (Ubuntu) | Low | Fix Released |
Bug #1839420: Per-process user controllable Apport socket file
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1839420 | Per-process user controllable Apport socket file | Apport | High | Fix Released | ||
1839420 | Per-process user controllable Apport socket file | apport (Ubuntu) | High | Fix Released |
Bug #1839795: PID recycling enables an unprivileged user to generate and read a crash report for a privileged process
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1839795 | PID recycling enables an unprivileged user to generate and read a crash report for a privileged process | apport (Ubuntu) | Undecided | Fix Released | ||
1839795 | PID recycling enables an unprivileged user to generate and read a crash report for a privileged process | Apport | Critical | Fix Released |
See the
CVE page on Mitre.org
for more details.