CVE-2021-32556
- EPSS 0.09%
- Veröffentlicht 12.06.2021 04:15:12
- Zuletzt bearbeitet 21.11.2024 06:07:15
It was discovered that the get_modified_conffiles() function in backends/packaging-apt-dpkg.py allowed injecting modified package names in a manner that would confuse the dpkg(1) call.
CVE-2021-25684
- EPSS 0.05%
- Veröffentlicht 11.06.2021 03:15:06
- Zuletzt bearbeitet 03.11.2025 20:15:45
It was discovered that apport in data/apport did not properly open a report file to prevent hanging reads on a FIFO.
CVE-2021-25683
- EPSS 0.05%
- Veröffentlicht 11.06.2021 03:15:06
- Zuletzt bearbeitet 21.11.2024 05:55:17
It was discovered that the get_starttime() function in data/apport did not properly parse the /proc/pid/stat file from the kernel.
CVE-2021-25682
- EPSS 0.06%
- Veröffentlicht 11.06.2021 03:15:06
- Zuletzt bearbeitet 21.11.2024 05:55:17
It was discovered that the get_pid_info() function in data/apport did not properly parse the /proc/pid/status file from the kernel.
- EPSS 0.04%
- Veröffentlicht 06.08.2020 23:15:11
- Zuletzt bearbeitet 03.11.2025 20:15:44
TOCTOU Race Condition vulnerability in apport allows a local attacker to escalate privileges and execute arbitrary code. An attacker may exit the crashed process and exploit PID recycling to spawn a root process with the same PID as the crashed proce...
CVE-2020-15701
- EPSS 0.12%
- Veröffentlicht 06.08.2020 23:15:11
- Zuletzt bearbeitet 21.11.2024 05:06:02
An unhandled exception in check_ignored() in apport/report.py can be exploited by a local attacker to cause a denial of service. If the mtime attribute is a string value in apport-ignore.xml, it will trigger an unhandled exception, resulting in a cra...
CVE-2015-1341
- EPSS 0.14%
- Veröffentlicht 22.04.2019 16:29:00
- Zuletzt bearbeitet 21.11.2024 02:25:12
Any Python module in sys.path can be imported if the command line of the process triggering the coredump is Python and the first argument is -m in Apport before 2.19.2 function _python_module_path.