VDB

CVE-2019-15790

CVE-2019-15790 PUBLISHED

Apport reads and writes information on a crashed process to /proc/pid with elevated privileges. Apport then determines which user the crashed process belongs to by reading /proc/pid through get_pid_info() in data/apport. An unprivileged user could exploit this to read information about a privileged running process by exploiting PID recycling. This information could then be used to obtain ASLR offsets for a process with an existing memory corruption vulnerability. The initial fix introduced regressions in the Python Apport library due to a missing argument in Report.add_proc_environ in apport/report.py. It also caused an autopkgtest failure when reading /proc/pid and with Python 2 compatibility by reading /proc maps. The initial and subsequent regression fixes are in 2.20.11-0ubuntu16, 2.20.11-0ubuntu8.6, 2.20.9-0ubuntu7.12, 2.20.1-0ubuntu2.22 and 2.14.1-0ubuntu3.29+esm3.

EPSS 0.06% · 19.8th percentile

Risk Scores

EPSS Score
0.06%
19.8th percentile

Affected Products

VendorProductVersions
Ubuntu:18.04:LTSapport0, 2.20.8-0ubuntu4, 2.20.9-0ubuntu7.2
Ubuntu:16.04:LTSapport2.20.1-0ubuntu2.15, 0, 2.19.1-0ubuntu3
Ubuntu:Pro:14.04:LTSapport2.14.1-0ubuntu1, 2.14-0ubuntu1, 2.13.2-0ubuntu5

Exploit Intelligence

…and 1 more exploits

Timeline

  • Oct 29, 2019 CVE Published
  • Apr 14, 2021 EPSS Score
  • Jun 23, 2021 EPSS Score
  • Aug 24, 2021 EPSS Score
  • Oct 26, 2021 EPSS Score
  • Jan 6, 2022 EPSS Score
  • Feb 4, 2022 EPSS Score
  • Feb 28, 2022 EPSS Score
  • Apr 1, 2022 EPSS Score
  • May 1, 2022 EPSS Score
  • Jul 3, 2022 EPSS Score
  • Sep 4, 2022 EPSS Score

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›