CVE-2019-11482
4.2
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:L
Summary
Sander Bos discovered a time of check to time of use (TOCTTOU) vulnerability in apport that allowed a user to cause core files to be written in arbitrary directories.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Canonical | apport | 2.14.1 < 2.14.1-0ubuntu3.29+esm2 | affected |
| Canonical | apport | 2.20.1 < 2.20.1-0ubuntu2.20 | affected |
| Canonical | apport | 2.20.9 < 2.20.9-0ubuntu7.8 | affected |
| Canonical | apport | 2.20.11 < 2.20.11-0ubuntu8.1 | affected |
Weaknesses
- Read user data with administrator privileges
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.