Search CVE reports


1 – 10 of 52 results


CVE-2023-1326

Medium priority
Fixed

A privilege escalation attack was found in apport-cli 2.26.0 and earlier which is similar to CVE-2023-26604. If a system is specially configured to allow unprivileged users to run sudo apport-cli, less is configured as the pager,...

1 affected package

apport

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
apport Fixed Fixed Fixed Not affected

CVE-2022-28658

Medium priority

Some fixes available 10 of 11

Apport argument parsing mishandles filename splitting on older kernels resulting in argument spoofing

1 affected package

apport

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
apport Fixed Fixed Fixed Fixed Fixed

CVE-2022-28657

Medium priority

Some fixes available 10 of 11

Apport does not disable python crash handler before entering chroot

1 affected package

apport

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
apport Fixed Fixed Fixed Fixed Fixed

CVE-2022-28656

Low priority

Some fixes available 10 of 11

is_closing_session() allows users to consume RAM in the Apport process

1 affected package

apport

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
apport Fixed Fixed Fixed Fixed Fixed

CVE-2022-28655

Medium priority

Some fixes available 10 of 11

is_closing_session() allows users to create arbitrary tcp dbus connections

1 affected package

apport

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
apport Fixed Fixed Fixed Fixed Fixed

CVE-2022-28654

Medium priority

Some fixes available 10 of 11

is_closing_session() allows users to fill up apport.log

1 affected package

apport

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
apport Fixed Fixed Fixed Fixed Fixed

CVE-2022-28653

Low priority
Ignored

Users can consume unlimited disk space in /var/crash

1 affected package

apport

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
apport Ignored Ignored Ignored Ignored Ignored

CVE-2022-28652

Medium priority

Some fixes available 10 of 11

~/.config/apport/settings parsing is vulnerable to "billion laughs" attack

1 affected package

apport

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
apport Fixed Fixed Fixed Fixed Fixed

CVE-2022-1242

Medium priority

Some fixes available 10 of 11

Apport can be tricked into connecting to arbitrary sockets as the root user

1 affected package

apport

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
apport Fixed Fixed Fixed Fixed Fixed

CVE-2021-3899

Medium priority

Some fixes available 10 of 12

There is a race condition in the 'replaced executable' detection that, with the correct local configuration, allows an attacker to execute arbitrary code as root.

1 affected package

apport

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
apport Fixed Fixed Fixed Fixed Fixed