CVE-2017-14177 (retired)

Priority
Description
Apport through 2.20.7 does not properly handle core dumps from setuid
binaries allowing local users to create certain files as root which an
attacker could leverage to perform a denial of service via resource
exhaustion or possibly gain root privileges. NOTE: this vulnerability
exists because of an incomplete fix for CVE-2015-1324.
Assigned-to
tyhicks
Package
Upstream:released (2.20.8)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):released (2.14.1-0ubuntu3.27)
Ubuntu 16.04 LTS (Xenial Xerus):released (2.20.1-0ubuntu2.12)
Ubuntu 18.04 LTS (Bionic Beaver):released (2.20.8-0ubuntu1)
Patches:
Upstream:https://bazaar.launchpad.net/~apport-hackers/apport/trunk/revision/3171
More Information

Updated: 2019-03-26 12:25:01 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)