Ubuntu 14.04 ESM update for Apport
| Risk | Low |
| Patch available | YES |
| Number of vulnerabilities | 5 |
| CVE-ID | CVE-2019-15790 CVE-2019-11485 CVE-2019-11483 CVE-2019-11482 CVE-2019-11481 |
| CWE-ID | CWE-264 CWE-399 CWE-61 CWE-362 |
| Exploitation vector | Local |
| Public exploit | N/A |
| Vulnerable software |
apport (Ubuntu package) Operating systems & Components / Operating system package or component python3-apport (Ubuntu package) Operating systems & Components / Operating system package or component |
| Vendor | Canonical Ltd. |
Security Bulletin
This security bulletin contains information about 5 vulnerabilities.
1) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU22533
Risk: Low
CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2019-15790
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to Apport reads various process-specific files with elevated privileges during crash dump generation. A local user can force the application to generate a crash report for a privileged process and gain access to sensitive information.
Update the affected packages.
- Ubuntu 14.04 ESM
- apport - 2.14.1-0ubuntu3.29+esm3
- python-apport - 2.14.1-0ubuntu3.29+esm3
- python3-apport - 2.14.1-0ubuntu3.29+esm3
apport (Ubuntu package): 2.14.1-0ubuntu3.1 - 2.14.1-0ubuntu3.29
python3-apport (Ubuntu package): before 2.14.1-0ubuntu3.29+esm3
CPE2.3- cpe:2.3:o:canonical:apport_ubuntu_package:2.14.1-0ubuntu3.1:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:apport_ubuntu_package:2.14.1-0ubuntu3.2:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:apport_ubuntu_package:2.14.1-0ubuntu3.3:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:python3-apport_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://usn.ubuntu.com/4171-4/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Resource management error
EUVDB-ID: #VU22532
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2019-11485
CWE-ID:
CWE-399 - Resource Management Errors
Exploit availability: No
DescriptionThe vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to Apport mishandled lock-file creation. A local user can crash the Apport service.
Update the affected packages.
- Ubuntu 14.04 ESM
- apport - 2.14.1-0ubuntu3.29+esm3
- python-apport - 2.14.1-0ubuntu3.29+esm3
- python3-apport - 2.14.1-0ubuntu3.29+esm3
apport (Ubuntu package): 2.14.1-0ubuntu3.1 - 2.14.1-0ubuntu3.29
python3-apport (Ubuntu package): before 2.14.1-0ubuntu3.29+esm3
CPE2.3- cpe:2.3:o:canonical:apport_ubuntu_package:2.14.1-0ubuntu3.1:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:apport_ubuntu_package:2.14.1-0ubuntu3.2:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:apport_ubuntu_package:2.14.1-0ubuntu3.3:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:python3-apport_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://usn.ubuntu.com/4171-4/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
3) UNIX symbolic link following
EUVDB-ID: #VU22531
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2019-11483
CWE-ID:
CWE-61 - UNIX Symbolic Link (Symlink) Following
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to the Apport mishandles crash dumps originating from
containers. A local user can trigger a crush dump for a controlled container and force the Apport to generate a report for a privileged process.
Update the affected packages.
- Ubuntu 14.04 ESM
- apport - 2.14.1-0ubuntu3.29+esm3
- python-apport - 2.14.1-0ubuntu3.29+esm3
- python3-apport - 2.14.1-0ubuntu3.29+esm3
apport (Ubuntu package): 2.14.1-0ubuntu3.1 - 2.14.1-0ubuntu3.29
python3-apport (Ubuntu package): before 2.14.1-0ubuntu3.29+esm3
CPE2.3- cpe:2.3:o:canonical:apport_ubuntu_package:2.14.1-0ubuntu3.1:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:apport_ubuntu_package:2.14.1-0ubuntu3.2:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:apport_ubuntu_package:2.14.1-0ubuntu3.3:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:python3-apport_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://usn.ubuntu.com/4171-4/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
4) Race condition
EUVDB-ID: #VU22530
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2019-11482
Exploit availability: No
DescriptionThe vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to a race condition. A local user can force the Apport application to generate a crash report
for a privileged process and make it readable to an unprivileged user.
Update the affected packages.
- Ubuntu 14.04 ESM
- apport - 2.14.1-0ubuntu3.29+esm3
- python-apport - 2.14.1-0ubuntu3.29+esm3
- python3-apport - 2.14.1-0ubuntu3.29+esm3
apport (Ubuntu package): 2.14.1-0ubuntu3.1 - 2.14.1-0ubuntu3.29
python3-apport (Ubuntu package): before 2.14.1-0ubuntu3.29+esm3
CPE2.3- cpe:2.3:o:canonical:apport_ubuntu_package:2.14.1-0ubuntu3.1:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:apport_ubuntu_package:2.14.1-0ubuntu3.2:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:apport_ubuntu_package:2.14.1-0ubuntu3.3:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:python3-apport_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://usn.ubuntu.com/4171-4/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
5) Permissions, Privileges, and Access Controls
EUVDB-ID: #VU22529
Risk: Low
CVSSv4.0: 1.1 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2019-11481
CWE-ID:
CWE-264 - Permissions, Privileges, and Access Controls
Exploit availability: No
DescriptionThe vulnerability allows a local user to bypass certain security restrictions.
The vulnerability exists due Apport reads user-controlled settings files with root privileges. A local user can create a specially crafted settings file and force the application to read it. This could lead to application crash.
Update the affected packages.
- Ubuntu 14.04 ESM
- apport - 2.14.1-0ubuntu3.29+esm3
- python-apport - 2.14.1-0ubuntu3.29+esm3
- python3-apport - 2.14.1-0ubuntu3.29+esm3
apport (Ubuntu package): 2.14.1-0ubuntu3.1 - 2.14.1-0ubuntu3.29
python3-apport (Ubuntu package): before 2.14.1-0ubuntu3.29+esm3
CPE2.3- cpe:2.3:o:canonical:apport_ubuntu_package:2.14.1-0ubuntu3.1:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:apport_ubuntu_package:2.14.1-0ubuntu3.2:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:apport_ubuntu_package:2.14.1-0ubuntu3.3:*:*:*:*:ubuntu:*:*
- cpe:2.3:o:canonical:python3-apport_ubuntu_package:*:*:*:*:*:ubuntu:*:*
https://usn.ubuntu.com/4171-4/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
