USN-4171-6: Apport regression<\/p>\n
USN-4171-1 fixed vulnerabilities in Apport. The update caused a regression
\nwhen handling configuration files. This update fixes the problem, and also
\nintroduces further hardening measures.<\/p>\n
Original advisory details:<\/p>\n
Kevin Backhouse discovered Apport would read its user-controlled settings
\n file as the root user. This could be used by a local attacker to possibly
\n crash Apport or have other unspecified consequences. (CVE-2019-11481)<\/p>\n
Sander Bos discovered a race-condition in Apport during core dump
\n creation. This could be used by a local attacker to generate a crash report
\n for a privileged process that is readable by an unprivileged user.
\n (CVE-2019-11482)<\/p>\n
Sander Bos discovered Apport mishandled crash dumps originating from
\n containers. This could be used by a local attacker to generate a crash
\n report for a privileged process that is readable by an unprivileged user.
\n (CVE-2019-11483)<\/p>\n
Sander Bos discovered Apport mishandled lock-file creation. This could be
\n used by a local attacker to cause a denial of service against Apport.
\n (CVE-2019-11485)<\/p>\n
Kevin Backhouse discovered Apport read various process-specific files with USN-4171-6: Apport regression USN-4171-1 fixed vulnerabilities in Apport. The update caused a regression when handling configuration files. This update fixes the problem, and also introduces further hardening measures. Original advisory details: Kevin Backhouse discovered Apport would read its user-controlled settings file as the root user. This could be used by a local attacker to possibly crash Apport or have other unspecified consequences. (CVE-2019-11481) Sander Bos discovered a race-condition in Apport during core dump creation. This could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user. (CVE-2019-11482) Sander Bos discovered Apport mishandled crash dumps originating from containers. This could be used by a local attacker to generate a crash report for a privileged process that is readable by an unprivileged user. (CVE-2019-11483) Sander Bos discovered Apport mishandled lock-file [ more… ]<\/a><\/p>\n<\/div>","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[586],"tags":[587],"class_list":["post-39371","post","type-post","status-publish","format-standard","hentry","category-ubuntu-usn","tag-ubuntu-usn"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/39371","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/comments?post=39371"}],"version-history":[{"count":1,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/39371\/revisions"}],"predecessor-version":[{"id":39372,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/39371\/revisions\/39372"}],"wp:attachment":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/media?parent=39371"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/categories?post=39371"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/tags?post=39371"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
\n elevated privileges during crash dump generation. This could could be used
\n by a local attacker to generate a crash report for a privileged process
\n that is readable by an unprivileged user. (CVE-2019-15790)
\nSource: USN-4171-6: Apport regression<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"