CVE-2016-9951

Priority
Description
An issue was discovered in Apport before 2.20.4. A malicious Apport crash
file can contain a restart command in `RespawnCommand` or `ProcCmdline`
fields. This command will be executed if a user clicks the Relaunch button
on the Apport prompt from the malicious crash file. The fix is to only show
the Relaunch button on Apport crash files generated by local systems. The
Relaunch button will be hidden when crash files are opened directly in
Apport-GTK.
Ubuntu-Description
Donncha O Cearbhaill discovered that Apport would offer to restart an
application based on the contents of the RespawnCommand or ProcCmdline
fields in a crash file. An attacker could use this to convince a
user to open a maliciously crafted crash file and execute arbitrary
code with the privileges of that user.
Notes
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was released [2.0.1-0ubuntu17.15])
Ubuntu 14.04 ESM (Trusty Tahr):released (2.14.1-0ubuntu3.23)
Ubuntu 16.04 LTS (Xenial Xerus):released (2.20.1-0ubuntu2.4)
More Information

Updated: 2019-12-05 18:46:52 UTC (commit dd38ff22974aae499eb50644b9d5a2817483cbdb)