CVE-2017-14177 (retired)

Priority
Description
Apport through 2.20.7 does not properly handle core dumps from setuid
binaries allowing local users to create certain files as root which an
attacker could leverage to perform a denial of service via resource
exhaustion or possibly gain root privileges. NOTE: this vulnerability
exists because of an incomplete fix for CVE-2015-1324.
Assigned-to
tyhicks
Notes
Package
Upstream:released (2.20.8)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (2.20.1-0ubuntu2.12)
Ubuntu 18.04 LTS (Bionic Beaver):released (2.20.8-0ubuntu1)
Patches:
Upstream:https://bazaar.launchpad.net/~apport-hackers/apport/trunk/revision/3171
More Information

Updated: 2019-10-09 07:59:10 UTC (commit 33aea848a182c0afcd0a3f927a01a7ecd9a061ee)