Lucene search
CanonicalCVE-2020-15701HistoryAug 06, 2020 - 11:15 p.m.
CVE-2020-15701
2020-08-0623:15:11
CWE-755
canonical
web.nvd.nist.gov
39
cve
2020
15701
unhandled exception
check_ignored
apport
report.py
local attacker
denial of service
mtime attribute
apport-ignore.xml
crash
nvd
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
AI Score
5.7
Confidence
High
EPSS
0
Percentile
5.1%
An unhandled exception in check_ignored() in apport/report.py can be exploited by a local attacker to cause a denial of service. If the mtime attribute is a string value in apport-ignore.xml, it will trigger an unhandled exception, resulting in a crash. Fixed in 2.20.1-0ubuntu2.24, 2.20.9-0ubuntu7.16, 2.20.11-0ubuntu27.6.
Affected configurations
Node
canonicalapportMatch2.20.11-0ubuntu8
ORcanonicalapportMatch2.20.11-0ubuntu9
ORcanonicalapportMatch2.20.11-0ubuntu10
ORcanonicalapportMatch2.20.11-0ubuntu11
ORcanonicalapportMatch2.20.11-0ubuntu12
ORcanonicalapportMatch2.20.11-0ubuntu13
ORcanonicalapportMatch2.20.11-0ubuntu14
ORcanonicalapportMatch2.20.11-0ubuntu15
ORcanonicalapportMatch2.20.11-0ubuntu16
ORcanonicalapportMatch2.20.11-0ubuntu17
ORcanonicalapportMatch2.20.11-0ubuntu18
ORcanonicalapportMatch2.20.11-0ubuntu19
ORcanonicalapportMatch2.20.11-0ubuntu20
ORcanonicalapportMatch2.20.11-0ubuntu21
ORcanonicalapportMatch2.20.11-0ubuntu22
ORcanonicalapportMatch2.20.11-0ubuntu23
ORcanonicalapportMatch2.20.11-0ubuntu24
ORcanonicalapportMatch2.20.11-0ubuntu25
ORcanonicalapportMatch2.20.11-0ubuntu26
ORcanonicalapportMatch2.20.11-0ubuntu27
ORcanonicalapportMatch2.20.11-0ubuntu27.2
ORcanonicalapportMatch2.20.11-0ubuntu27.3
ORcanonicalapportMatch2.20.11-0ubuntu27.4
ORcanonicalapportMatch2.20.11-0ubuntu27.5
canonicalubuntu_linuxMatch20.04lts
Node
canonicalapportMatch2.20.7-0ubuntu3
ORcanonicalapportMatch2.20.7-0ubuntu3.1
ORcanonicalapportMatch2.20.7-0ubuntu4
ORcanonicalapportMatch2.20.8-0ubuntu1
ORcanonicalapportMatch2.20.8-0ubuntu2
ORcanonicalapportMatch2.20.8-0ubuntu3
ORcanonicalapportMatch2.20.8-0ubuntu4
ORcanonicalapportMatch2.20.8-0ubuntu5
ORcanonicalapportMatch2.20.8-0ubuntu6
ORcanonicalapportMatch2.20.8-0ubuntu7
ORcanonicalapportMatch2.20.8-0ubuntu8
ORcanonicalapportMatch2.20.8-0ubuntu9
ORcanonicalapportMatch2.20.8-0ubuntu10
ORcanonicalapportMatch2.20.9-0ubuntu1
ORcanonicalapportMatch2.20.9-0ubuntu2
ORcanonicalapportMatch2.20.9-0ubuntu3
ORcanonicalapportMatch2.20.9-0ubuntu4
ORcanonicalapportMatch2.20.9-0ubuntu5
ORcanonicalapportMatch2.20.9-0ubuntu6
ORcanonicalapportMatch2.20.9-0ubuntu7
ORcanonicalapportMatch2.20.9-0ubuntu7.1
ORcanonicalapportMatch2.20.9-0ubuntu7.2
ORcanonicalapportMatch2.20.9-0ubuntu7.3
ORcanonicalapportMatch2.20.9-0ubuntu7.4
ORcanonicalapportMatch2.20.9-0ubuntu7.5
ORcanonicalapportMatch2.20.9-0ubuntu7.6
ORcanonicalapportMatch2.20.9-0ubuntu7.7
ORcanonicalapportMatch2.20.9-0ubuntu7.8
ORcanonicalapportMatch2.20.9-0ubuntu7.9
ORcanonicalapportMatch2.20.9-0ubuntu7.10
ORcanonicalapportMatch2.20.9-0ubuntu7.11
ORcanonicalapportMatch2.20.9-0ubuntu7.12
ORcanonicalapportMatch2.20.9-0ubuntu7.13
ORcanonicalapportMatch2.20.9-0ubuntu7.14
ORcanonicalapportMatch2.20.9-0ubuntu7.15
canonicalubuntu_linuxMatch18.04lts
Node
canonicalapportMatch2.19.1-0ubuntu3
ORcanonicalapportMatch2.19.2-0ubuntu1
ORcanonicalapportMatch2.19.2-0ubuntu2
ORcanonicalapportMatch2.19.2-0ubuntu3
ORcanonicalapportMatch2.19.2-0ubuntu4
ORcanonicalapportMatch2.19.2-0ubuntu5
ORcanonicalapportMatch2.19.2-0ubuntu6
ORcanonicalapportMatch2.19.2-0ubuntu7
ORcanonicalapportMatch2.19.2-0ubuntu8
ORcanonicalapportMatch2.19.2-0ubuntu9
ORcanonicalapportMatch2.19.3-0ubuntu1
ORcanonicalapportMatch2.19.3-0ubuntu2
ORcanonicalapportMatch2.19.3-0ubuntu3
ORcanonicalapportMatch2.19.4-0ubuntu1
ORcanonicalapportMatch2.19.4-0ubuntu2
ORcanonicalapportMatch2.20-0ubuntu1
ORcanonicalapportMatch2.20-0ubuntu2
ORcanonicalapportMatch2.20-0ubuntu3
ORcanonicalapportMatch2.20.1-0ubuntu1
ORcanonicalapportMatch2.20.1-0ubuntu2
ORcanonicalapportMatch2.20.1-0ubuntu2.1
ORcanonicalapportMatch2.20.1-0ubuntu2.2
ORcanonicalapportMatch2.20.1-0ubuntu2.4
ORcanonicalapportMatch2.20.1-0ubuntu2.5
ORcanonicalapportMatch2.20.1-0ubuntu2.6
ORcanonicalapportMatch2.20.1-0ubuntu2.7
ORcanonicalapportMatch2.20.1-0ubuntu2.8
ORcanonicalapportMatch2.20.1-0ubuntu2.9
ORcanonicalapportMatch2.20.1-0ubuntu2.10
ORcanonicalapportMatch2.20.1-0ubuntu2.12
ORcanonicalapportMatch2.20.1-0ubuntu2.13
ORcanonicalapportMatch2.20.1-0ubuntu2.14
ORcanonicalapportMatch2.20.1-0ubuntu2.15
ORcanonicalapportMatch2.20.1-0ubuntu2.16
ORcanonicalapportMatch2.20.1-0ubuntu2.17
ORcanonicalapportMatch2.20.1-0ubuntu2.18
ORcanonicalapportMatch2.20.1-0ubuntu2.19
ORcanonicalapportMatch2.20.1-0ubuntu2.20
ORcanonicalapportMatch2.20.1-0ubuntu2.21
ORcanonicalapportMatch2.20.1-0ubuntu2.22
ORcanonicalapportMatch2.20.1-0ubuntu2.23
canonicalubuntu_linuxMatch16.04lts
Node
canonicalubuntu_linuxMatch14.04esm
ORcanonicalubuntu_linuxMatch16.04esm
ORcanonicalubuntu_linuxMatch18.04lts
ORcanonicalubuntu_linuxMatch20.04lts
| Vendor | Product | Version | CPE |
|---|---|---|---|
| canonical | apport | 2.20.11-0ubuntu8 | cpe:2.3:a:canonical:apport:2.20.11-0ubuntu8:*:*:*:*:*:*:* |
| canonical | apport | 2.20.11-0ubuntu9 | cpe:2.3:a:canonical:apport:2.20.11-0ubuntu9:*:*:*:*:*:*:* |
| canonical | apport | 2.20.11-0ubuntu10 | cpe:2.3:a:canonical:apport:2.20.11-0ubuntu10:*:*:*:*:*:*:* |
| canonical | apport | 2.20.11-0ubuntu11 | cpe:2.3:a:canonical:apport:2.20.11-0ubuntu11:*:*:*:*:*:*:* |
| canonical | apport | 2.20.11-0ubuntu12 | cpe:2.3:a:canonical:apport:2.20.11-0ubuntu12:*:*:*:*:*:*:* |
| canonical | apport | 2.20.11-0ubuntu13 | cpe:2.3:a:canonical:apport:2.20.11-0ubuntu13:*:*:*:*:*:*:* |
| canonical | apport | 2.20.11-0ubuntu14 | cpe:2.3:a:canonical:apport:2.20.11-0ubuntu14:*:*:*:*:*:*:* |
| canonical | apport | 2.20.11-0ubuntu15 | cpe:2.3:a:canonical:apport:2.20.11-0ubuntu15:*:*:*:*:*:*:* |
| canonical | apport | 2.20.11-0ubuntu16 | cpe:2.3:a:canonical:apport:2.20.11-0ubuntu16:*:*:*:*:*:*:* |
| canonical | apport | 2.20.11-0ubuntu17 | cpe:2.3:a:canonical:apport:2.20.11-0ubuntu17:*:*:*:*:*:*:* |
CNA Affected
[
{
"product": "apport",
"vendor": "Canonical",
"versions": [
{
"lessThan": "2.20.1-0ubuntu2.24",
"status": "affected",
"version": "2.20.1",
"versionType": "custom"
},
{
"lessThan": "2.20.9-0ubuntu7.16",
"status": "affected",
"version": "2.20.9",
"versionType": "custom"
},
{
"lessThan": "2.20.11-0ubuntu27.6",
"status": "affected",
"version": "2.20.11",
"versionType": "custom"
}
]
}
]Related
cvelist
cvelist
CVE-2020-15701 Unhandled exception in apport
2020-08-06 22:50:22
nvd
nvd
CVE-2020-15701
2020-08-06 23:15:11
ubuntucve
ubuntucve
CVE-2020-15701
2020-05-13 00:00:00
prion
prion
Code injection
2020-08-06 23:15:00
ubuntu
ubuntu
Apport vulnerabilities
2020-08-04 00:00:00
Apport vulnerabilities
2020-09-02 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-4449-2)
2022-08-26 00:00:00
Ubuntu: Security Advisory (USN-4449-1)
2020-08-05 00:00:00
nessus
nessus
CVSS2
2.1
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:L/AC:L/Au:N/C:N/I:N/A:P
CVSS3
5.5
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
AI Score
5.7
Confidence
High
EPSS
0
Percentile
5.1%
Related for CVE-2020-15701