CVE-2021-32555 apport read_file() function could follow maliciously constructed symbolic links

2021-06-1203:40:41

CWE-59

CWE-61

canonical

www.cve.org

vulnerability

apport

read_file()

symbolic links

xorg-hwe-18.04 package

private data

local users

CVSS3

7.3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:L

EPSS

Percentile

5.1%

JSON

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg-hwe-18.04 package apport hooks, it could expose private data to other local users.

CNA Affected

[
  {
    "product": "apport",
    "vendor": "Canonical",
    "versions": [
      {
        "lessThan": "2.20.1-0ubuntu2.30+esm1",
        "status": "affected",
        "version": "2.20.1",
        "versionType": "custom"
      },
      {
        "lessThan": "2.20.9-0ubuntu7.24",
        "status": "affected",
        "version": "2.20.9",
        "versionType": "custom"
      },
      {
        "lessThan": "2.20.11-0ubuntu27.18",
        "status": "affected",
        "version": "2.20.11-0ubuntu27",
        "versionType": "custom"
      },
      {
        "lessThan": "2.20.11-0ubuntu50.7",
        "status": "affected",
        "version": "2.20.11-0ubuntu50",
        "versionType": "custom"
      },
      {
        "lessThan": "2.20.11-0ubuntu65.1",
        "status": "affected",
        "version": "2.20.11-0ubuntu65",
        "versionType": "custom"
      },
      {
        "lessThan": "2.14.1-0ubuntu3.29+esm7",
        "status": "affected",
        "version": "2.14.1-0ubuntu3",
        "versionType": "custom"
      }
    ]
  }
]