vulnerability

Ubuntu: USN-3480-3: Apport regression

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
7	(AV:L/AC:L/Au:S/C:C/I:C/A:C)	Jan 3, 2018	Jan 4, 2018	Feb 19, 2025

Severity

CVSS

(AV:L/AC:L/Au:S/C:C/I:C/A:C)

Published

Jan 3, 2018

Added

Jan 4, 2018

Modified

Feb 19, 2025

Description

USN-3480-2 fixed regressions in Apport. The update introduced a new regression in the container support. This update addresses the problem.

We apologize for the inconvenience.

Original advisory details:

Sander Bos discovered that Apport incorrectly handled core dumps for setuid binaries. A local attacker could use this issue to perform a denial of service via resource exhaustion or possibly gain root privileges. (CVE-2017-14177)

Sander Bos discovered that Apport incorrectly handled core dumps for processes in a different PID namespace. A local attacker could use this issue to perform a denial of service via resource exhaustion or possibly gain root privileges. (CVE-2017-14180)

Solution

ubuntu-upgrade-apport

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today