Canonical ≫ Apport

It was discovered that the get_pid_info() function in data/apport did not properly parse the /proc/pid/status file from the kernel.

It was discovered that the get_starttime() function in data/apport did not properly parse the /proc/pid/stat file from the kernel.

It was discovered that apport in data/apport did not properly open a report file to prevent hanging reads on a FIFO.

An unhandled exception in check_ignored() in apport/report.py can be exploited by a local attacker to cause a denial of service. If the mtime attribute is a string value in apport-ignore.xml, it will trigger an unhandled exception, resulting in a cra...

TOCTOU Race Condition vulnerability in apport allows a local attacker to escalate privileges and execute arbitrary code. An attacker may exit the crashed process and exploit PID recycling to spawn a root process with the same PID as the crashed proce...

Any Python module in sys.path can be imported if the command line of the process triggering the coredump is Python and the first argument is -m in Apport before 2.19.2 function _python_module_path.