Description
An unhandled exception in check_ignored() in apport/report.py can be exploited by a local attacker to cause a denial of service. If the mtime attribute is a string value in apport-ignore.xml, it will trigger an unhandled exception, resulting in a crash. Fixed in 2.20.1-0ubuntu2.24, 2.20.9-0ubuntu7.16, 2.20.11-0ubuntu27.6.
Analysis
Analysis and contextual insights are available on OpenCVE Cloud.
Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).
| Vendor | Product | Default status | Versions | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Canonical | apport | affected |
|
Configuration 1 [-]
| AND |
|
Configuration 2 [-]
| AND |
|
Configuration 3 [-]
| AND |
|
Configuration 4 [-]
|
No data.
No data available yet.
Remediation
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
 EUVD |
EUVD-2020-7688 | An unhandled exception in check_ignored() in apport/report.py can be exploited by a local attacker to cause a denial of service. If the mtime attribute is a string value in apport-ignore.xml, it will trigger an unhandled exception, resulting in a crash. Fixed in 2.20.1-0ubuntu2.24, 2.20.9-0ubuntu7.16, 2.20.11-0ubuntu27.6. |
 Ubuntu USN |
USN-4449-1 | Apport vulnerabilities |
| Ubuntu USN |
USN-4449-2 | Apport vulnerabilities |
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: canonical
Published:
Updated: 2024-09-16T20:52:16.329Z
Reserved: 2020-07-14T00:00:00.000Z
Link: CVE-2020-15701
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-08-06T23:15:11.670
Modified: 2024-11-21T05:06:02.950
Link: CVE-2020-15701
Redhat
No data.
OpenCVE Enrichment
No data.
Weaknesses