Apport

CVEs related to bugs in Apport

Open bugs

Bug	CVE(s)
Bug #1839414: Apport follows symbolic links in path components when creating core dump file	CVE-2019-11482
Apport	New (unassigned)
Bug #1839417: Potentially existing (legitimate, root owned) lock file getting deleted by Apport daily cron(8) script	CVE-2019-11485
Apport	New (unassigned)

Resolved bugs

Bug	CVE(s)
Bug #357024: security hole in /etc/cron.daily/apport	CVE-2009-1295
Apport	Fix released, assigned to Martin Pitt
Bug #1242435: Desktop setuid cores readable by non-privileged user	CVE-2013-1067
Apport	Fix released, assigned to Martin Pitt
Bug #1438758: User to root privilege escalation (ab)using the crash forwarding feature of apport	CVE-2015-1318
Apport	Fix released, assigned to Martin Pitt
Bug #1452239: root escalation with fs.suid_dumpable=2	CVE-2015-1324 CVE-2015-1325
Apport	Fix released, assigned to Martin Pitt
Bug #1453900: root escalation via race condition	CVE-2015-1324 CVE-2015-1325
Apport	Fix released (unassigned)
Bug #1492570: /usr/share/apport/kernel_crashdump accesses files in insecure manner	CVE-2015-1338
Apport	Fix released, assigned to Martin Pitt
Bug #1507480: Privilege escalation through Python module imports	CVE-2015-1341
Apport	Fix released, assigned to Martin Pitt
Bug #1648806: Arbitrary code execution through crafted CrashDB or Package/Source fields in .crash files	CVE-2016-9949 CVE-2016-9950 CVE-2016-9951
Apport	Fix released, assigned to Martin Pitt
Bug #1700573: Code execution through path traversal in .crash files processing	CVE-2017-10708
Apport	Fix released (unassigned)
Bug #1723822: uncaught TypeError triggers ValueError	CVE-2017-14177 CVE-2017-14180
Apport	Fix released (unassigned)
Bug #1830858: TOCTOU vulnerability in _get_ignore_dom (report.py)	CVE-2019-7307
Apport	Fix released (unassigned)
Bug #1830862: Apport reads arbitrary files if ~/.config/apport/settings is a symlink	CVE-2019-11481 CVE-2019-11482 CVE-2019-11483 CVE-2019-11485 CVE-2019-15790
Apport	Fix released (unassigned)
Bug #1839413: TOCTTOU ("time of check to time of use") "cwd" variable race condition	CVE-2019-11481 CVE-2019-11482 CVE-2019-11483 CVE-2019-11485 CVE-2019-15790
Apport	Fix released (unassigned)
Bug #1839415: Fully user controllable lock file due to lock file being located in world-writable directory	CVE-2019-11481 CVE-2019-11482 CVE-2019-11483 CVE-2019-11485 CVE-2019-15790
Apport	Fix released (unassigned)
Bug #1839420: Per-process user controllable Apport socket file	CVE-2019-11481 CVE-2019-11482 CVE-2019-11483 CVE-2019-11485 CVE-2019-15790
Apport	Fix released (unassigned)
Bug #1839795: PID recycling enables an unprivileged user to generate and read a crash report for a privileged process	CVE-2019-11481 CVE-2019-11482 CVE-2019-11483 CVE-2019-11485 CVE-2019-15790
Apport	Fix released (unassigned)
Bug #1862348: Apport lock file root privilege escalation	CVE-2020-8831 CVE-2020-8833
Apport	Fix released (unassigned)
Bug #1862933: Apport crash report & cron script TOCTTOU	CVE-2020-8831 CVE-2020-8833
Apport	Fix released (unassigned)
Bug #1876659: Unhandled exception in run_hang()	CVE-2020-11936 CVE-2020-15701 CVE-2020-15702
Apport	Fix released (unassigned)
Bug #1877023: Unhandled exception in check_ignored()	CVE-2020-11936 CVE-2020-15701 CVE-2020-15702
Apport	Fix released (unassigned)
Bug #1885633: [ZDI-CAN-11233]: apport Unnecessary Privileges Information Disclosure Vulnerability	CVE-2020-11936 CVE-2020-15701 CVE-2020-15702
Apport	Fix released (unassigned)
Bug #1912326: Privilege escalation to root with core file dump	CVE-2021-25682 CVE-2021-25683 CVE-2021-25684
Apport	Fix released (unassigned)
Bug #1917904: Arbitrary file reads	CVE-2021-32547 CVE-2021-32548 CVE-2021-32549 CVE-2021-32550 CVE-2021-32551 CVE-2021-32552 CVE-2021-32553 CVE-2021-32554 CVE-2021-32555 CVE-2021-32556 CVE-2021-32557
Apport	Fix released (unassigned)
Bug #1933832: Path traversal leads to arbitrary file read	CVE-2021-3709 CVE-2021-3710
Apport	Fix released (unassigned)
Bug #1934308: Arbitrary file read in general hook (ubuntu.py)	CVE-2021-3709 CVE-2021-3710
Apport	Fix released (unassigned)
Bug #1948376: race condition in apport lead to Local Privilege Escalation	CVE-2021-3899
Apport	Fix released (unassigned)
Bug #2016023: viewing an apport-cli crash with default pager could escalate privilege (CVE-2023-1326)	CVE-2023-1326
Apport	Fix released (unassigned)