Bug #357024: security hole in /etc/cron.daily/apport
|
CVE-2009-1295 |
Apport
|
Fix released, assigned to Martin Pitt
|
Bug #1242435: Desktop setuid cores readable by non-privileged user
|
CVE-2013-1067 |
Apport
|
Fix released, assigned to Martin Pitt
|
Bug #1438758: User to root privilege escalation (ab)using the crash forwarding feature of apport
|
CVE-2015-1318 |
Apport
|
Fix released, assigned to Martin Pitt
|
Bug #1452239: root escalation with fs.suid_dumpable=2
|
CVE-2015-1324
CVE-2015-1325 |
Apport
|
Fix released, assigned to Martin Pitt
|
Bug #1453900: root escalation via race condition
|
CVE-2015-1324
CVE-2015-1325 |
Apport
|
Fix released (unassigned)
|
Bug #1492570: /usr/share/apport/kernel_crashdump accesses files in insecure manner
|
CVE-2015-1338 |
Apport
|
Fix released, assigned to Martin Pitt
|
Bug #1507480: Privilege escalation through Python module imports
|
CVE-2015-1341 |
Apport
|
Fix released, assigned to Martin Pitt
|
Bug #1648806: Arbitrary code execution through crafted CrashDB or Package/Source fields in .crash files
|
CVE-2016-9949
CVE-2016-9950
CVE-2016-9951 |
Apport
|
Fix released, assigned to Martin Pitt
|
Bug #1700573: Code execution through path traversal in .crash files processing
|
CVE-2017-10708 |
Apport
|
Fix released (unassigned)
|
Bug #1723822: uncaught TypeError triggers ValueError
|
CVE-2017-14177
CVE-2017-14180 |
Apport
|
Fix released (unassigned)
|
Bug #1830858: TOCTOU vulnerability in _get_ignore_dom (report.py)
|
CVE-2019-7307 |
Apport
|
Fix released (unassigned)
|
Bug #1830862: Apport reads arbitrary files if ~/.config/apport/settings is a symlink
|
CVE-2019-11481
CVE-2019-11482
CVE-2019-11483
CVE-2019-11485
CVE-2019-15790 |
Apport
|
Fix released (unassigned)
|
Bug #1839413: TOCTTOU ("time of check to time of use") "cwd" variable race condition
|
CVE-2019-11481
CVE-2019-11482
CVE-2019-11483
CVE-2019-11485
CVE-2019-15790 |
Apport
|
Fix released (unassigned)
|
Bug #1839415: Fully user controllable lock file due to lock file being located in world-writable directory
|
CVE-2019-11481
CVE-2019-11482
CVE-2019-11483
CVE-2019-11485
CVE-2019-15790 |
Apport
|
Fix released (unassigned)
|
Bug #1839420: Per-process user controllable Apport socket file
|
CVE-2019-11481
CVE-2019-11482
CVE-2019-11483
CVE-2019-11485
CVE-2019-15790 |
Apport
|
Fix released (unassigned)
|
Bug #1839795: PID recycling enables an unprivileged user to generate and read a crash report for a privileged process
|
CVE-2019-11481
CVE-2019-11482
CVE-2019-11483
CVE-2019-11485
CVE-2019-15790 |
Apport
|
Fix released (unassigned)
|
Bug #1862348: Apport lock file root privilege escalation
|
CVE-2020-8831
CVE-2020-8833 |
Apport
|
Fix released (unassigned)
|
Bug #1862933: Apport crash report & cron script TOCTTOU
|
CVE-2020-8831
CVE-2020-8833 |
Apport
|
Fix released (unassigned)
|
Bug #1876659: Unhandled exception in run_hang()
|
CVE-2020-11936
CVE-2020-15701
CVE-2020-15702 |
Apport
|
Fix released (unassigned)
|
Bug #1877023: Unhandled exception in check_ignored()
|
CVE-2020-11936
CVE-2020-15701
CVE-2020-15702 |
Apport
|
Fix released (unassigned)
|
Bug #1885633: [ZDI-CAN-11233]: apport Unnecessary Privileges Information Disclosure Vulnerability
|
CVE-2020-11936
CVE-2020-15701
CVE-2020-15702 |
Apport
|
Fix released (unassigned)
|
Bug #1912326: Privilege escalation to root with core file dump
|
CVE-2021-25682
CVE-2021-25683
CVE-2021-25684 |
Apport
|
Fix released (unassigned)
|
Bug #1917904: Arbitrary file reads
|
CVE-2021-32547
CVE-2021-32548
CVE-2021-32549
CVE-2021-32550
CVE-2021-32551
CVE-2021-32552
CVE-2021-32553
CVE-2021-32554
CVE-2021-32555
CVE-2021-32556
CVE-2021-32557 |
Apport
|
Fix released (unassigned)
|
Bug #1933832: Path traversal leads to arbitrary file read
|
CVE-2021-3709
CVE-2021-3710 |
Apport
|
Fix released (unassigned)
|
Bug #1934308: Arbitrary file read in general hook (ubuntu.py)
|
CVE-2021-3709
CVE-2021-3710 |
Apport
|
Fix released (unassigned)
|
Bug #1948376: race condition in apport lead to Local Privilege Escalation
|
CVE-2021-3899 |
Apport
|
Fix released (unassigned)
|
Bug #2016023: viewing an apport-cli crash with default pager could escalate privilege (CVE-2023-1326)
|
CVE-2023-1326 |
Apport
|
Fix released (unassigned)
|