USN-4449-1: Apport vulnerabilities
Ryota Shiga discovered that Apport incorrectly dropped privileges when
making certain D-Bus calls. A local attacker could use this issue to read
arbitrary files. (CVE-2020-11936)
Seong-Joong Kim discovered that Apport incorrectly parsed configuration
files. A local attacker could use this issue to cause Apport to crash,
resulting in a denial of service. (CVE-2020-15701)
Ryota Shiga discovered that Apport incorrectly implemented certain checks.
A local attacker could use this issue to escalate privileges and run
arbitrary code. (CVE-2020-15702)
Source: USN-4449-1: Apport vulnerabilities
Leave a Reply