Rapid7 Vulnerability & Exploit Database

Ubuntu: USN-5427-1 (CVE-2022-28655): Apport vulnerabilities

Back to Search

Ubuntu: USN-5427-1 (CVE-2022-28655): Apport vulnerabilities

Severity
4
CVSS
(AV:L/AC:M/Au:N/C:P/I:P/A:P)
Published
05/17/2022
Created
05/20/2022
Added
05/18/2022
Modified
05/18/2022

Description

Details for this vulnerability have not been published by NIST at this point. Descriptions from software vendor advisories for this issue are provided below.

From USN-5427-1:

Muqing Liu and neoni discovered that Apport incorrectly handled detecting if an executable was replaced after a crash. A local attacker could possibly use this issue to execute arbitrary code as the root user. (CVE-2021-3899)

Gerrit Venema discovered that Apport incorrectly handled connections to Apport sockets inside containers. A local attacker could possibly use this issue to connect to arbitrary sockets as the root user. (CVE-2022-1242)

Gerrit Venema discovered that Apport incorrectly handled user settings files. A local attacker could possibly use this issue to cause Apport to consume resources, leading to a denial of service. (CVE-2022-28652)

Gerrit Venema discovered that Apport did not limit the amount of logging from D-Bus connections. A local attacker could possibly use this issue to fill up the Apport log file, leading to denial of service. (CVE-2022-28654)

Gerrit Venema discovered that Apport did not filter D-Bus connection strings. A local attacker could possibly use this issue to cause Apport to make arbitrary network connections. (CVE-2022-28655)

Gerrit Venema discovered that Apport did not limit the amount of memory being consumed during D-Bus connections. A local attacker could possibly use this issue to cause Apport to consume memory, leading to a denial of service. (CVE-2022-28656)

Gerrit Venema discovered that Apport did not disable the python crash handler before chrooting into a container. A local attacker could possibly use this issue to execute arbitrary code. (CVE-2022-28657)

Gerrit Venema discovered that Apport incorrectly handled filename argument whitespace. A local attacker could possibly use this issue to spoof arguments to the Apport daemon. (CVE-2022-28658)

Solution(s)

  • ubuntu-upgrade-apport
  • ubuntu-upgrade-python3-apport

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;