Your submission was sent successfully! Close

You have successfully unsubscribed! Close

CVE-2020-15701

Published: 13 May 2020

An unhandled exception in check_ignored() in apport/report.py can be exploited by a local attacker to cause a denial of service. If the mtime attribute is a string value in apport-ignore.xml, it will trigger an unhandled exception, resulting in a crash. Fixed in 2.20.1-0ubuntu2.24, 2.20.9-0ubuntu7.16, 2.20.11-0ubuntu27.6.

Priority

Medium

CVSS 3 base score: 5.5

Status

Package Release Status
apport
Launchpad, Ubuntu, Debian
bionic
Released (2.20.9-0ubuntu7.16)
eoan Ignored
(reached end-of-life)
focal
Released (2.20.11-0ubuntu27.6)
precise Does not exist

trusty
Released (2.14.1-0ubuntu3.29+esm5)
upstream Needs triage

xenial
Released (2.20.1-0ubuntu2.24)