Vulnerability & Exploit Database

Back to search

Ubuntu: (Multiple Advisories) (CVE-2017-14177): Apport regression

Severity CVSS Published Added Modified
7 (AV:L/AC:L/Au:N/C:C/I:C/A:C) November 15, 2017 November 16, 2017 April 25, 2018

Description

Apport through 2.20.7 does not properly handle core dumps from setuid binaries allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion or possibly gain root privileges. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1324.

Scan For This Vulnerability

Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities

 Free InsightVM Trial

References

Solution

ubuntu-upgrade-apport