Privilege escalation in Ubuntu apport
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2018-6552 |
| CWE-ID | CWE-20 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software |
apport (Ubuntu package) Operating systems & Components / Operating system package or component |
| Vendor | Canonical Ltd. |
Security Bulletin
This security bulletin contains one low risk vulnerability.
1) Privilege escalation
EUVDB-ID: #VU13193
Risk: Low
CVSSv4.0: 4.5 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2018-6552
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to gain elevated privileges or cause DoS condition on the target system.
The vulnerability exists in the apport package used in multiple releases of Ubuntu due to improper handling of core dumps by the affected software when certain files are missing from the /proc directory. A local attacker can send remove certain files from the /proc directory to gain root privileges, deploy malicious code that escapes containers, or cause the service to crash.
MitigationInstall update from vendor's website.
Vulnerable software versionsapport (Ubuntu package): 2.20.0 - 2.20.9
CPE2.3- cpe:2.3:a:canonical:apport_ubuntu_package:2.20.0:*:*:*:*:ubuntu:*:*
- cpe:2.3:a:canonical:apport_ubuntu_package:2.20.1:*:*:*:*:ubuntu:*:*
- cpe:2.3:a:canonical:apport_ubuntu_package:2.20.2:*:*:*:*:ubuntu:*:*
https://usn.ubuntu.com/3664-1/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
