CVE-2022-1242
published 2024-06-03CVE-2022-1242: Apport can be tricked into connecting to arbitrary sockets as the root user
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
Apport can be tricked into connecting to arbitrary sockets as the root user
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apport_project | apport | >= 0 < 2.20.9-0ubuntu7.28 | 2.20.9-0ubuntu7.28 |
| apport_project | apport | >= 0 < 2.20.11-0ubuntu27.24 | 2.20.11-0ubuntu27.24 |
| apport_project | apport | >= 0 < 2.20.11-0ubuntu82.1 | 2.20.11-0ubuntu82.1 |
| apport_project | apport | >= 0 < 2.20.1-0ubuntu2.30+esm4 | 2.20.1-0ubuntu2.30+esm4 |
| canonical | apport | < 2.21.0 | 2.21.0 |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical_ltd | apport | < 2.21.0 | 2.21.0 |
| fortinet | fortitester | — | — |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
osv7.8HIGH