vulnerability
Ubuntu: USN-3157-1 (CVE-2016-9951): Apport vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:M/Au:N/C:N/I:N/A:P) | Dec 14, 2016 | Jul 1, 2017 | Mar 27, 2026 |
Severity
4
CVSS
(AV:N/AC:M/Au:N/C:N/I:N/A:P)
Published
Dec 14, 2016
Added
Jul 1, 2017
Modified
Mar 27, 2026
Description
An issue was discovered in Apport before 2.20.4. A malicious Apport crash file can contain a restart command in `RespawnCommand` or `ProcCmdline` fields. This command will be executed if a user clicks the Relaunch button on the Apport prompt from the malicious crash file. The fix is to only show the Relaunch button on Apport crash files generated by local systems. The Relaunch button will be hidden when crash files are opened directly in Apport-GTK.
Solutions
ubuntu-upgrade-apportubuntu-upgrade-apport-gtkubuntu-upgrade-apport-kdeubuntu-upgrade-python-apportubuntu-upgrade-python3-apport
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.