← Back to CVEs

CVE-2019-7307

HIGH

7.0

Description

Apport before versions 2.14.1-0ubuntu3.29+esm1, 2.20.1-0ubuntu2.19, 2.20.9-0ubuntu7.7, 2.20.10-0ubuntu27.1, 2.20.11-0ubuntu5 contained a TOCTTOU vulnerability when reading the users ~/.apport-ignore.xml file, which allows a local attacker to replace this file with a symlink to any other file on the system and so cause Apport to include the contents of this other file in the resulting crash report. The crash report could then be read by that user either by causing it to be uploaded and reported to Launchpad, or by leveraging some other vulnerability to read the resulting crash report, and so allow the user to read arbitrary files on the system.

CVE Details

CVSS v3.1 Score7.0

SeverityHIGH

CVSS VectorCVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack VectorLOCAL

ComplexityHIGH

Privileges RequiredLOW

User InteractionNONE

Published8/29/2019

Last Modified11/21/2024

Sourcenvd

Honeypot Sightings0

Affected Products

apport_project:apportcanonical:ubuntu_linux

Weaknesses (CWE)

CWE-367CWE-367

References

http://packetstormsecurity.com/files/172858/Ubuntu-Apport-Whoopsie-DoS-Integer-Overflow.html(security@ubuntu.com)

https://bugs.launchpad.net/ubuntu/%2Bsource/apport/%2Bbug/1830858(security@ubuntu.com)

https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-7307.html(security@ubuntu.com)

http://packetstormsecurity.com/files/172858/Ubuntu-Apport-Whoopsie-DoS-Integer-Overflow.html(af854a3a-2127-422b-91ae-364da2661108)

https://bugs.launchpad.net/ubuntu/%2Bsource/apport/%2Bbug/1830858(af854a3a-2127-422b-91ae-364da2661108)

https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-7307.html(af854a3a-2127-422b-91ae-364da2661108)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.