CVE-2020-15702

EPSS 0.08%
Published 06.08.2020 23:15:11
Last modified 21.11.2024 05:06:03
Source security@ubuntu.com
Teams watchlist Login
Open Login

TOCTOU Race Condition vulnerability in apport allows a local attacker to escalate privileges and execute arbitrary code. An attacker may exit the crashed process and exploit PID recycling to spawn a root process with the same PID as the crashed process, which can then be used to escalate privileges. Fixed in 2.20.1-0ubuntu2.24, 2.20.9 versions prior to 2.20.9-0ubuntu7.16 and 2.20.11 versions prior to 2.20.11-0ubuntu27.6. Was ZDI-CAN-11234.

Affected products Warnungen 0 Metrics 4 CWE 1 References 7

Data is provided by the National Vulnerability Database (NVD)

Canonical ≫ Apport Version2.20.11-0ubuntu8

Canonical ≫ Ubuntu Linux Version20.04 SwEditionlts

Canonical ≫ Apport Version2.20.11-0ubuntu9

Canonical ≫ Ubuntu Linux Version20.04 SwEditionlts

Canonical ≫ Apport Version2.20.11-0ubuntu10

Canonical ≫ Ubuntu Linux Version20.04 SwEditionlts

Canonical ≫ Apport Version2.20.11-0ubuntu11

Canonical ≫ Ubuntu Linux Version20.04 SwEditionlts

Canonical ≫ Apport Version2.20.11-0ubuntu12

Canonical ≫ Ubuntu Linux Version20.04 SwEditionlts

Canonical ≫ Apport Version2.20.11-0ubuntu13

Canonical ≫ Ubuntu Linux Version20.04 SwEditionlts

Canonical ≫ Apport Version2.20.11-0ubuntu14

Canonical ≫ Ubuntu Linux Version20.04 SwEditionlts

Canonical ≫ Apport Version2.20.11-0ubuntu15

Canonical ≫ Ubuntu Linux Version20.04 SwEditionlts

Canonical ≫ Apport Version2.20.11-0ubuntu16

Canonical ≫ Ubuntu Linux Version20.04 SwEditionlts

Canonical ≫ Apport Version2.20.11-0ubuntu17

Canonical ≫ Ubuntu Linux Version20.04 SwEditionlts

Canonical ≫ Apport Version2.20.11-0ubuntu18

Canonical ≫ Ubuntu Linux Version20.04 SwEditionlts

Canonical ≫ Apport Version2.20.11-0ubuntu19

Canonical ≫ Ubuntu Linux Version20.04 SwEditionlts

Canonical ≫ Apport Version2.20.11-0ubuntu20

Canonical ≫ Ubuntu Linux Version20.04 SwEditionlts

Canonical ≫ Apport Version2.20.11-0ubuntu21

Canonical ≫ Ubuntu Linux Version20.04 SwEditionlts

Canonical ≫ Apport Version2.20.11-0ubuntu22

Canonical ≫ Ubuntu Linux Version20.04 SwEditionlts

Canonical ≫ Apport Version2.20.11-0ubuntu23

Canonical ≫ Ubuntu Linux Version20.04 SwEditionlts

Canonical ≫ Apport Version2.20.11-0ubuntu24

Canonical ≫ Ubuntu Linux Version20.04 SwEditionlts

Canonical ≫ Apport Version2.20.11-0ubuntu25

Canonical ≫ Ubuntu Linux Version20.04 SwEditionlts

Canonical ≫ Apport Version2.20.11-0ubuntu26

Canonical ≫ Ubuntu Linux Version20.04 SwEditionlts

Canonical ≫ Apport Version2.20.11-0ubuntu27

Canonical ≫ Ubuntu Linux Version20.04 SwEditionlts

Canonical ≫ Apport Version2.20.11-0ubuntu27.2

Canonical ≫ Ubuntu Linux Version20.04 SwEditionlts

Canonical ≫ Apport Version2.20.11-0ubuntu27.3

Canonical ≫ Ubuntu Linux Version20.04 SwEditionlts

Canonical ≫ Apport Version2.20.11-0ubuntu27.4

Canonical ≫ Ubuntu Linux Version20.04 SwEditionlts

Canonical ≫ Apport Version2.20.11-0ubuntu27.5

Canonical ≫ Ubuntu Linux Version20.04 SwEditionlts

Canonical ≫ Apport Version2.20.7-0ubuntu3

Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts

Canonical ≫ Apport Version2.20.7-0ubuntu3.1

Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts

Canonical ≫ Apport Version2.20.7-0ubuntu4

Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts

Canonical ≫ Apport Version2.20.8-0ubuntu1

Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts

Canonical ≫ Apport Version2.20.8-0ubuntu2

Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts

Canonical ≫ Apport Version2.20.8-0ubuntu3

Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts

Canonical ≫ Apport Version2.20.8-0ubuntu4

Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts

Canonical ≫ Apport Version2.20.8-0ubuntu5

Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts

Canonical ≫ Apport Version2.20.8-0ubuntu6

Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts

Canonical ≫ Apport Version2.20.8-0ubuntu7

Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts

Canonical ≫ Apport Version2.20.8-0ubuntu8

Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts

Canonical ≫ Apport Version2.20.8-0ubuntu9

Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts

Canonical ≫ Apport Version2.20.8-0ubuntu10

Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts

Canonical ≫ Apport Version2.20.9-0ubuntu1

Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts

Canonical ≫ Apport Version2.20.9-0ubuntu2

Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts

Canonical ≫ Apport Version2.20.9-0ubuntu3

Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts

Canonical ≫ Apport Version2.20.9-0ubuntu4

Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts

Canonical ≫ Apport Version2.20.9-0ubuntu5

Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts

Canonical ≫ Apport Version2.20.9-0ubuntu6

Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts

Canonical ≫ Apport Version2.20.9-0ubuntu7

Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts

Canonical ≫ Apport Version2.20.9-0ubuntu7.1

Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts

Canonical ≫ Apport Version2.20.9-0ubuntu7.2

Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts

Canonical ≫ Apport Version2.20.9-0ubuntu7.3

Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts

Canonical ≫ Apport Version2.20.9-0ubuntu7.4

Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts

Canonical ≫ Apport Version2.20.9-0ubuntu7.5

Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts

Canonical ≫ Apport Version2.20.9-0ubuntu7.6

Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts

Canonical ≫ Apport Version2.20.9-0ubuntu7.7

Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts

Canonical ≫ Apport Version2.20.9-0ubuntu7.8

Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts

Canonical ≫ Apport Version2.20.9-0ubuntu7.9

Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts

Canonical ≫ Apport Version2.20.9-0ubuntu7.10

Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts

Canonical ≫ Apport Version2.20.9-0ubuntu7.11

Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts

Canonical ≫ Apport Version2.20.9-0ubuntu7.12

Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts

Canonical ≫ Apport Version2.20.9-0ubuntu7.13

Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts

Canonical ≫ Apport Version2.20.9-0ubuntu7.14

Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts

Canonical ≫ Apport Version2.20.9-0ubuntu7.15

Canonical ≫ Ubuntu Linux Version18.04 SwEditionlts

Canonical ≫ Apport Version2.19.1-0ubuntu3

Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts

Canonical ≫ Apport Version2.19.2-0ubuntu1

Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts

Canonical ≫ Apport Version2.19.2-0ubuntu2

Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts

Canonical ≫ Apport Version2.19.2-0ubuntu3

Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts

Canonical ≫ Apport Version2.19.2-0ubuntu4

Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts

Canonical ≫ Apport Version2.19.2-0ubuntu5

Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts

Canonical ≫ Apport Version2.19.2-0ubuntu6

Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts

Canonical ≫ Apport Version2.19.2-0ubuntu7

Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts

Canonical ≫ Apport Version2.19.2-0ubuntu8

Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts

Canonical ≫ Apport Version2.19.2-0ubuntu9

Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts

Canonical ≫ Apport Version2.19.3-0ubuntu1

Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts

Canonical ≫ Apport Version2.19.3-0ubuntu2

Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts

Canonical ≫ Apport Version2.19.3-0ubuntu3

Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts

Canonical ≫ Apport Version2.19.4-0ubuntu1

Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts

Canonical ≫ Apport Version2.19.4-0ubuntu2

Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts

Canonical ≫ Apport Version2.20-0ubuntu1

Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts

Canonical ≫ Apport Version2.20-0ubuntu2

Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts

Canonical ≫ Apport Version2.20-0ubuntu3

Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts

Canonical ≫ Apport Version2.20.1-0ubuntu1

Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts

Canonical ≫ Apport Version2.20.1-0ubuntu2

Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts

Canonical ≫ Apport Version2.20.1-0ubuntu2.1

Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts

Canonical ≫ Apport Version2.20.1-0ubuntu2.2

Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts

Canonical ≫ Apport Version2.20.1-0ubuntu2.4

Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts

Canonical ≫ Apport Version2.20.1-0ubuntu2.5

Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts

Canonical ≫ Apport Version2.20.1-0ubuntu2.6

Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts

Canonical ≫ Apport Version2.20.1-0ubuntu2.7

Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts

Canonical ≫ Apport Version2.20.1-0ubuntu2.8

Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts

Canonical ≫ Apport Version2.20.1-0ubuntu2.9

Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts

Canonical ≫ Apport Version2.20.1-0ubuntu2.10

Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts

Canonical ≫ Apport Version2.20.1-0ubuntu2.12

Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts

Canonical ≫ Apport Version2.20.1-0ubuntu2.13

Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts

Canonical ≫ Apport Version2.20.1-0ubuntu2.14

Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts

Canonical ≫ Apport Version2.20.1-0ubuntu2.15

Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts

Canonical ≫ Apport Version2.20.1-0ubuntu2.16

Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts

Canonical ≫ Apport Version2.20.1-0ubuntu2.17

Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts

Canonical ≫ Apport Version2.20.1-0ubuntu2.18

Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts

Canonical ≫ Apport Version2.20.1-0ubuntu2.19

Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts

Canonical ≫ Apport Version2.20.1-0ubuntu2.20

Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts

Canonical ≫ Apport Version2.20.1-0ubuntu2.21

Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts

Canonical ≫ Apport Version2.20.1-0ubuntu2.22

Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts

Canonical ≫ Apport Version2.20.1-0ubuntu2.23

Canonical ≫ Ubuntu Linux Version16.04 SwEditionlts

Canonical ≫ Ubuntu Linux Version14.04 SwEditionesm

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.08%	0.25

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	7	1	5.9	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
nvd@nist.gov	4.4	3.4	6.4	AV:L/AC:M/Au:N/C:P/I:P/A:P
security@ubuntu.com	7	1	5.9	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition

The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check. This can cause the product to perform invalid actions when the resource is in an unexpected state.

https://usn.ubuntu.com/4449-1

Vendor Advisory

https://usn.ubuntu.com/4449-1/

Vendor Advisory

https://usn.ubuntu.com/4449-2/

Vendor Advisory

https://www.zerodayinitiative.com/advisories/ZDI-20-979/

Third Party Advisory

VDB Entry

https://nvd.nist.gov/vuln/detail/CVE-2020-15702

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-15702

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-15702

EUVD