CVE-2021-25683

Summary

It was discovered that the get_starttime() function in data/apport did not properly parse the /proc/pid/stat file from the kernel.

Affected Software

VendorProductVersion RangeStatus
Canonicalapport2.20.1 < 2.20.1-0ubuntu2.30affected
Canonicalapport2.20.9 < 2.20.9-0ubuntu7.23affected
Canonicalapport2.20.11-0ubuntu27 < 2.20.11-0ubuntu27.16affected
Canonicalapport2.20.11-0ubuntu50 < 2.20.11-0ubuntu50.5affected

Weaknesses

  • CWE-20: CWE-20 Improper Input Validation

ADP Enrichment

CVE Program Container

Additional References

References