CVE-2019-7307 : Apport before versions 2.14.1-0ubuntu3.29+esm1, 2.20.1-0ubuntu2.19, 2.20.9-0ubun

Apport before versions 2.14.1-0ubuntu3.29+esm1, 2.20.1-0ubuntu2.19, 2.20.9-0ubuntu7.7, 2.20.10-0ubuntu27.1, 2.20.11-0ubuntu5 contained a TOCTTOU vulnerability when reading the users ~/.apport-ignore.xml file, which allows a local attacker to replace this file with a symlink to any other file on the system and so cause Apport to include the contents of this other file in the resulting crash report. The crash report could then be read by that user either by causing it to be uploaded and reported to Launchpad, or by leveraging some other vulnerability to read the resulting crash report, and so allow the user to read arbitrary files on the system.

Published 2019-08-29 15:15:11

Updated 2023-06-12 07:15:13

Source Canonical Ltd.

View at NVD, CVE.org

Products affected by CVE-2019-7307

Apport Project » Apport » Version: 2.14.1
cpe:2.3:a:apport_project:apport:2.14.1:*:*:*:*:*:*:*
Matching versions
When used together with: Canonical » Ubuntu Linux » Version: 14.04 ESM Edition
Apport Project » Apport » Version: 2.20.9
cpe:2.3:a:apport_project:apport:2.20.9:*:*:*:*:*:*:*
Matching versions
When used together with: Canonical » Ubuntu Linux » Version: 18.04 LTS Edition
Apport Project » Apport » Version: 2.20.1
cpe:2.3:a:apport_project:apport:2.20.1:*:*:*:*:*:*:*
Matching versions
When used together with: Canonical » Ubuntu Linux » Version: 16.04 LTS Edition
Apport Project » Apport » Version: 2.20.10
cpe:2.3:a:apport_project:apport:2.20.10:*:*:*:*:*:*:*
Matching versions
When used together with: Canonical » Ubuntu Linux » Version: 19.10

Exploit prediction scoring system (EPSS) score for CVE-2019-7307

EPSS FAQ

0.03%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 6 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2019-7307

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
4.4	MEDIUM	AV:L/AC:M/Au:N/C:P/I:P/A:P	3.4	6.4	NIST
Access Vector: Local Access Complexity: Medium Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial
6.5	MEDIUM	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N	2.0	4.0	Canonical Ltd.
Attack Vector: Local Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Changed Confidentiality: High Integrity: None Availability: None
7.0	HIGH	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H	1.0	5.9	NIST
Attack Vector: Local Attack Complexity: High Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: High Integrity: High Availability: High

CWE ids for CVE-2019-7307

CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition

The product checks the state of a resource before using that resource, but the resource's state can change between the check and the use in a way that invalidates the results of the check. This can cause the product to perform invalid actions when the resource is in an unexpected state.
Assigned by:
- nvd@nist.gov (Primary)
- security@ubuntu.com (Secondary)

References for CVE-2019-7307

http://packetstormsecurity.com/files/172858/Ubuntu-Apport-Whoopsie-DoS-Integer-Overflow.html

Ubuntu Apport / Whoopsie DoS / Integer Overflow ≈ Packet Storm

CVEs referencing this url
https://bugs.launchpad.net/ubuntu/%2Bsource/apport/%2Bbug/1830858

Bug #1830858 “TOCTOU vulnerability in _get_ignore_dom (report.py...” : Bugs : apport package : Ubuntu
Exploit;Issue Tracking;Vendor Advisory
https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-7307.html

CVE-2019-7307 in Ubuntu
Vendor Advisory

Jump to

Vulnerability Details : CVE-2019-7307

Products affected by CVE-2019-7307

Exploit prediction scoring system (EPSS) score for CVE-2019-7307

CVSS scores for CVE-2019-7307

CWE ids for CVE-2019-7307

References for CVE-2019-7307