Vulnerabilities

CVE-2017-14177

by Fred · 02/02/2018

Apport through 2.20.7 does not properly handle core dumps from setuid binaries allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion or possibly gain root privileges. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1324.

Date published : 2018-02-02

https://bazaar.launchpad.net/~apport-hackers/apport/trunk/revision/3171

https://launchpad.net/bugs/1726372

Similar

Tags: Cybersecurity Alert