CVE-2023-1326

CWE-269 — Improper Privilege Management7 documents6 sources

Severity

7.8HIGH

EPSS

4.5%

top 10.88%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Canonical Ltd. Apport Canonical Apport Canonical Ubuntu Linux

Timeline

PublishedApr 13

Latest updateApr 14

Description

A privilege escalation attack was found in apport-cli 2.26.0 and earlier which is similar to CVE-2023-26604. If a system is specially configured to allow unprivileged users to run sudo apport-cli, less is configured as the pager, and the terminal size can be set: a local attacker can escalate privilege. It is extremely unlikely that a system administrator would configure sudo to allow unprivileged users to perform this class of exploit.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:HExploitability: 1.1 | Impact: 6.0

Affected Packages3 packages

▶Ubuntuapport< 2.20.9-0ubuntu7.29+2

▶NVDcanonical/apport2.26.0

▶CVEListV5canonical_ltd./apport2.26.0

Also affects: Ubuntu Linux 18.04, 20.04, 22.04, 22.10

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

GHSA

GHSA-qgrc-7333-5cgx: A privilege escalation attack was found in apport-cli 2↗2023-04-14

▶

OSV

CVE-2023-1326: A privilege escalation attack was found in apport-cli 2↗2023-04-13

▶

CVEList

local privilege escalation in apport-cli↗2023-04-13

▶

📋Vendor Advisories

Ubuntu

Apport vulnerability↗2023-04-13

▶

📄Research Papers

CTF

Devvortex / README↗

▶