Vulnerabilities > CVE-2020-15701 - Improper Handling of Exceptional Conditions vulnerability in Canonical Apport

047910
CVSS 5.5 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
HIGH
local
low complexity
canonical
CWE-755
NVD
Published: 2020-08-06
Updated: 2023-01-24

Summary

An unhandled exception in check_ignored() in apport/report.py can be exploited by a local attacker to cause a denial of service. If the mtime attribute is a string value in apport-ignore.xml, it will trigger an unhandled exception, resulting in a crash. Fixed in 2.20.1-0ubuntu2.24, 2.20.9-0ubuntu7.16, 2.20.11-0ubuntu27.6.

Vulnerable Configurations

Part Description Count
Application
Canonical
100
OS
Canonical
5

Common Weakness Enumeration (CWE)

References