Описание
An unhandled exception in check_ignored() in apport/report.py can be exploited by a local attacker to cause a denial of service. If the mtime attribute is a string value in apport-ignore.xml, it will trigger an unhandled exception, resulting in a crash. Fixed in 2.20.1-0ubuntu2.24, 2.20.9-0ubuntu7.16, 2.20.11-0ubuntu27.6.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 2.20.9-0ubuntu7.16 |
| devel | released | 2.20.11-0ubuntu44 |
| eoan | ignored | end of life |
| esm-infra-legacy/trusty | released | 2.14.1-0ubuntu3.29+esm5 |
| esm-infra/bionic | released | 2.20.9-0ubuntu7.16 |
| esm-infra/focal | released | 2.20.11-0ubuntu27.6 |
| esm-infra/xenial | released | 2.20.1-0ubuntu2.24 |
| focal | released | 2.20.11-0ubuntu27.6 |
| precise/esm | DNE | |
| trusty | ignored | end of standard support |
Показывать по
EPSS
2.1 Low
CVSS2
5.5 Medium
CVSS3
Связанные уязвимости
An unhandled exception in check_ignored() in apport/report.py can be exploited by a local attacker to cause a denial of service. If the mtime attribute is a string value in apport-ignore.xml, it will trigger an unhandled exception, resulting in a crash. Fixed in 2.20.1-0ubuntu2.24, 2.20.9-0ubuntu7.16, 2.20.11-0ubuntu27.6.
An unhandled exception in check_ignored() in apport/report.py can be exploited by a local attacker to cause a denial of service. If the mtime attribute is a string value in apport-ignore.xml, it will trigger an unhandled exception, resulting in a crash. Fixed in 2.20.1-0ubuntu2.24, 2.20.9-0ubuntu7.16, 2.20.11-0ubuntu27.6.
Уязвимость функции check_ignored() службы регистрации ошибок Apport, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
2.1 Low
CVSS2
5.5 Medium
CVSS3