CVE-2017-14180

Priority
Medium
Description
Apport 2.13 through 2.20.7 does not properly handle crashes originating
from a PID namespace allowing local users to create certain files as root
which an attacker could leverage to perform a denial of service via
resource exhaustion or possibly gain root privileges, a different
vulnerability than CVE-2017-14179.
References
Bugs
Assigned-to
tyhicks
Package
Upstream:released (2.20.8)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 LTS (Trusty Tahr):released (2.14.1-0ubuntu3.27)
Ubuntu 16.04 LTS (Xenial Xerus):released (2.20.1-0ubuntu2.12)
Ubuntu 17.10 (Artful Aardvark):released (2.20.7-0ubuntu3.4)
Ubuntu 18.04 LTS (Bionic Beaver):released (2.20.8-0ubuntu1)
Patches:
Upstream:https://bazaar.launchpad.net/~apport-hackers/apport/trunk/revision/3171
More Information

Updated: 2018-02-07 23:14:51 UTC (commit 14149)