Search CVE reports


1 – 10 of 52 results


CVE-2023-1326

Medium priority
Fixed

A privilege escalation attack was found in apport-cli 2.26.0 and earlier which is similar to CVE-2023-26604. If a system is specially configured to allow unprivileged users to run sudo apport-cli, less is configured as the pager,...

1 affected package

apport

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
apport Fixed Fixed Fixed Not affected

CVE-2022-28658

Medium priority

Some fixes available 10 of 11

Apport argument parsing mishandles filename splitting on older kernels resulting in argument spoofing

1 affected package

apport

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
apport Fixed Fixed Fixed Fixed Fixed

CVE-2022-28657

Medium priority

Some fixes available 10 of 11

Apport does not disable python crash handler before entering chroot

1 affected package

apport

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
apport Fixed Fixed Fixed Fixed Fixed

CVE-2022-28656

Low priority

Some fixes available 10 of 11

is_closing_session() allows users to consume RAM in the Apport process

1 affected package

apport

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
apport Fixed Fixed Fixed Fixed Fixed

CVE-2022-28655

Medium priority

Some fixes available 10 of 11

is_closing_session() allows users to create arbitrary tcp dbus connections

1 affected package

apport

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
apport Fixed Fixed Fixed Fixed Fixed

CVE-2022-28654

Medium priority

Some fixes available 10 of 11

is_closing_session() allows users to fill up apport.log

1 affected package

apport

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
apport Fixed Fixed Fixed Fixed Fixed

CVE-2022-28653

Low priority
Ignored

Users can consume unlimited disk space in /var/crash

1 affected package

apport

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
apport Ignored Ignored Ignored Ignored Ignored

CVE-2022-28652

Medium priority

Some fixes available 10 of 11

~/.config/apport/settings parsing is vulnerable to "billion laughs" attack

1 affected package

apport

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
apport Fixed Fixed Fixed Fixed Fixed

CVE-2022-1242

Medium priority

Some fixes available 10 of 11

Apport can be tricked into connecting to arbitrary sockets as the root user

1 affected package

apport

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
apport Fixed Fixed Fixed Fixed Fixed

CVE-2021-3899

Medium priority

Some fixes available 10 of 12

There is a race condition in the 'replaced executable' detection that, with the correct local configuration, allows an attacker to execute arbitrary code as root.

1 affected package

apport

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
apport Fixed Fixed Fixed Fixed Fixed