CVE-2017-14177
published 2018-02-02CVE-2017-14177: Apport through 2.20.7 does not properly handle core dumps from setuid binaries allowing local users to create certain files as root which an attacker could…
PriorityP336high7.8CVSS 3.0
AVLACLPRLUINSUCHIHAH
EPSS
0.40%
31.5th percentile
Apport through 2.20.7 does not properly handle core dumps from setuid binaries allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion or possibly gain root privileges. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1324.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apport_project | apport | <= 2.20.7 | — |
| apport_project | apport | >= 0 < 2.14.1-0ubuntu3.27 | 2.14.1-0ubuntu3.27 |
| apport_project | apport | >= 0 < 2.20.1-0ubuntu2.15 | 2.20.1-0ubuntu2.15 |
| apport_project | apport | >= 0 < 2.20.1-0ubuntu2.13 | 2.20.1-0ubuntu2.13 |
| apport_project | apport | >= 0 < 2.20.1-0ubuntu2.12 | 2.20.1-0ubuntu2.12 |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
CVSS provenance
nvdv3.07.8HIGHCVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
osv7.8HIGH
vendor_ubuntu7.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
Apport regression
vendor_ubuntu·2018-01-03·CVSS 7.8
[HIGH] Apport regression
Title: Apport regression
Summary: USN-3480-2 introduced regressions in Apport.
USN-3480-2 fixed regressions in Apport. The update introduced a new regression in the container support. This update addresses the problem.
We apologize for the inconvenience.
Original advisory details:
Sander Bos discovered that Apport incorrectly handled core dumps for setuid
binaries. A local attacker could use this issue to perform a denial of service
via resource exhaustion or possibly gain root privileges. (CVE-2017-14177)
Sander Bos discovered that Apport incorrectly handled core dumps for processes
in a different PID namespace. A local attacker could use this issue to perform
a denial of service via resource exhaustion or possibly gain root privileges.
(CVE-2017-14180)
Instructions: In general, a
Ubuntu
Apport regressions
vendor_ubuntu·2017-11-20·CVSS 7.8
CVE-2017-14177 [HIGH] Apport regressions
Title: Apport regressions
Summary: USN-3480-1 introduced regressions in Apport.
USN-3480-1 fixed vulnerabilities in Apport. The fix for CVE-2017-14177
introduced a regression in the ability to handle crashes for users that
configured their systems to use the Upstart init system in Ubuntu 16.04
LTS and Ubuntu 17.04. The fix for CVE-2017-14180 temporarily disabled
crash forwarding to containers. This update addresses the problems.
We apologize for the inconvenience.
Original advisory details:
Sander Bos discovered that Apport incorrectly handled core dumps for setuid
binaries. A local attacker could use this issue to perform a denial of service
via resource exhaustion or possibly gain root privileges. (CVE-2017-14177)
Sander Bos discovered that Apport incorrectly handled core dumps for
Ubuntu
Apport vulnerabilities
vendor_ubuntu·2017-11-15·CVSS 7.8
CVE-2017-14177 [HIGH] Apport vulnerabilities
Title: Apport vulnerabilities
Summary: Apport could be tricked into creating files as an administrator, resulting in
denial of service or privilege escalation.
Sander Bos discovered that Apport incorrectly handled core dumps for setuid
binaries. A local attacker could use this issue to perform a denial of service
via resource exhaustion or possibly gain root privileges. (CVE-2017-14177)
Sander Bos discovered that Apport incorrectly handled core dumps for processes
in a different PID namespace. A local attacker could use this issue to perform
a denial of service via resource exhaustion or possibly gain root privileges.
(CVE-2017-14180)
Instructions: In general, a standard system update will make all the necessary changes.
GHSA
GHSA-gx65-cr2w-3vfm: Apport through 2
ghsa_unreviewed·2022-05-14·CVSS 7.8
CVE-2017-14177 [HIGH] CWE-400 GHSA-gx65-cr2w-3vfm: Apport through 2
Apport through 2.20.7 does not properly handle core dumps from setuid binaries allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion or possibly gain root privileges. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1324.
OSV
apport regression
osv·2018-01-03·CVSS 7.8
CVE-2017-14177 [HIGH] apport regression
apport regression
USN-3480-2 fixed regressions in Apport. The update introduced a new regression in the container support. This update addresses the problem.
We apologize for the inconvenience.
Original advisory details:
Sander Bos discovered that Apport incorrectly handled core dumps for setuid
binaries. A local attacker could use this issue to perform a denial of service
via resource exhaustion or possibly gain root privileges. (CVE-2017-14177)
Sander Bos discovered that Apport incorrectly handled core dumps for processes
in a different PID namespace. A local attacker could use this issue to perform
a denial of service via resource exhaustion or possibly gain root privileges.
(CVE-2017-14180)
OSV
apport regressions
osv·2017-11-20·CVSS 7.8
CVE-2017-14177 [HIGH] apport regressions
apport regressions
USN-3480-1 fixed vulnerabilities in Apport. The fix for CVE-2017-14177
introduced a regression in the ability to handle crashes for users that
configured their systems to use the Upstart init system in Ubuntu 16.04
LTS and Ubuntu 17.04. The fix for CVE-2017-14180 temporarily disabled
crash forwarding to containers. This update addresses the problems.
We apologize for the inconvenience.
Original advisory details:
Sander Bos discovered that Apport incorrectly handled core dumps for setuid
binaries. A local attacker could use this issue to perform a denial of service
via resource exhaustion or possibly gain root privileges. (CVE-2017-14177)
Sander Bos discovered that Apport incorrectly handled core dumps for processes
in a different PID namespace. A local attacker coul
OSV
apport vulnerabilities
osv·2017-11-15·CVSS 7.8
CVE-2017-14177 [HIGH] apport vulnerabilities
apport vulnerabilities
Sander Bos discovered that Apport incorrectly handled core dumps for setuid
binaries. A local attacker could use this issue to perform a denial of service
via resource exhaustion or possibly gain root privileges. (CVE-2017-14177)
Sander Bos discovered that Apport incorrectly handled core dumps for processes
in a different PID namespace. A local attacker could use this issue to perform
a denial of service via resource exhaustion or possibly gain root privileges.
(CVE-2017-14180)
OSV
CVE-2017-14177: Apport through 2
osv·2017-11-15·CVSS 7.8
CVE-2017-14177 [HIGH] CVE-2017-14177: Apport through 2
Apport through 2.20.7 does not properly handle core dumps from setuid binaries allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion or possibly gain root privileges. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1324.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://bazaar.launchpad.net/~apport-hackers/apport/trunk/revision/3171https://launchpad.net/bugs/1726372https://people.canonical.com/~ubuntu-security/cve/?cve=CVE-2017-14177https://usn.ubuntu.com/usn/usn-3480-1https://bazaar.launchpad.net/~apport-hackers/apport/trunk/revision/3171https://launchpad.net/bugs/1726372https://people.canonical.com/~ubuntu-security/cve/?cve=CVE-2017-14177https://usn.ubuntu.com/usn/usn-3480-1
2018-02-02
Published