Описание
Apport before 2.13 does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion, possibly gain root privileges, or escape from containers.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | not-affected | |
| devel | not-affected | |
| esm-infra-legacy/trusty | not-affected | 2.14.1-0ubuntu3.25 |
| esm-infra/xenial | not-affected | |
| precise/esm | DNE | |
| trusty | not-affected | 2.14.1-0ubuntu3.25 |
| trusty/esm | not-affected | 2.14.1-0ubuntu3.25 |
| upstream | released | 2.13 |
| xenial | not-affected | |
| zesty | not-affected |
Показывать по
Ссылки на источники
7.2 High
CVSS2
7.8 High
CVSS3
Связанные уязвимости
Apport before 2.13 does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion, possibly gain root privileges, or escape from containers.
Apport before 2.13 does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion, possibly gain root privileges, or escape from containers.
Уязвимость программного обеспечения формирования и отправки отчетов об ошибках Apport операционной системы Ubuntu, позволяющая нарушителю вызвать отказ в обслуживании, осуществить выход из LXC или получить привилегии root
7.2 High
CVSS2
7.8 High
CVSS3