CVE-2019-11482

Published: 29 October 2019

Sander Bos discovered a time of check to time of use (TOCTTOU) vulnerability in apport that allowed a user to cause core files to be written in arbitrary directories.

Priority

CVSS 3 base score: 4.7

Status

Package	Release	Status
apport Launchpad, Ubuntu, Debian	bionic	Released (2.20.9-0ubuntu7.8)
	disco	Released (2.20.10-0ubuntu27.2)
	eoan	Released (2.20.11-0ubuntu8.1)
	precise	Does not exist
	trusty	Released (2.14.1-0ubuntu3.29+esm2)
	upstream	Needs triage
	xenial	Released (2.20.1-0ubuntu2.20)