Описание
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg package apport hooks, it could expose private data to other local users.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 2.20.9-0ubuntu7.24 |
| devel | released | 2.20.11-0ubuntu67 |
| esm-infra-legacy/trusty | released | 2.14.1-0ubuntu3.29+esm7 |
| esm-infra/bionic | released | 2.20.9-0ubuntu7.24 |
| esm-infra/focal | released | 2.20.11-0ubuntu27.18 |
| esm-infra/xenial | released | 2.20.1-0ubuntu2.30+esm1 |
| focal | released | 2.20.11-0ubuntu27.18 |
| groovy | released | 2.20.11-0ubuntu50.7 |
| hirsute | released | 2.20.11-0ubuntu65.1 |
| impish | released | 2.20.11-0ubuntu67 |
Показывать по
2.1 Low
CVSS2
7.3 High
CVSS3
Связанные уязвимости
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg package apport hooks, it could expose private data to other local users.
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg package apport hooks, it could expose private data to other local users.
2.1 Low
CVSS2
7.3 High
CVSS3