Showing 1 - 2 of 2

CVE-2022-28658

Status Candidate

Overview

Apport argument parsing mishandles filename splitting on older kernels resulting in argument spoofing

Ubuntu Security Notice USN-6894-1: Posted Jul 12, 2024; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 6894-1 - Muqing Liu and neoni discovered that Apport incorrectly handled detecting if an executable was replaced after a crash. A local attacker could possibly use this issue to execute arbitrary code as the root user. Gerrit Venema discovered that Apport incorrectly handled connections to Apport sockets inside containers. A local attacker could possibly use this issue to connect to arbitrary sockets as the root user.; tags | advisory, arbitrary, local, root; systems | linux, ubuntu; advisories | CVE-2021-3899, CVE-2022-1242, CVE-2022-28652, CVE-2022-28654, CVE-2022-28655, CVE-2022-28656, CVE-2022-28657, CVE-2022-28658; SHA-256 | 49657c9f208951940a5882e6ed621f3a8835ab9be322277e1a813b58651c0404; Download | Favorite | View

Ubuntu Security Notice USN-5427-1: Posted May 17, 2022; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 5427-1 - Muqing Liu and neoni discovered that Apport incorrectly handled detecting if an executable was replaced after a crash. A local attacker could possibly use this issue to execute arbitrary code as the root user. Gerrit Venema discovered that Apport incorrectly handled connections to Apport sockets inside containers. A local attacker could possibly use this issue to connect to arbitrary sockets as the root user.; tags | advisory, arbitrary, local, root; systems | linux, ubuntu; advisories | CVE-2021-3899, CVE-2022-1242, CVE-2022-28652, CVE-2022-28654, CVE-2022-28655, CVE-2022-28656, CVE-2022-28657, CVE-2022-28658; SHA-256 | 4a7a1a4b4a53f12a5e131a2b8e72000ea9e3e0b7606d2ddd406b23a06bd16806; Download | Favorite | View

Page 1 of 1 Back 1 Next