
Chen Lu

#33503 of 53,639
7.8 total CVSS
Vulnerabilities · 1
PT-2023-16898
7.8
2023-04-13
Unknown · Apport-Cli · CVE-2023-1326
**Name of the Vulnerable Software and Affected Versions**

apport-cli versions 2.26.0 and earlier

**Description**

A privilege escalation attack was found, similar to a known issue, which can be exploited by a local attacker if the system is specially configured. This configuration includes allowing unprivileged users to run `sudo apport-cli`, having `less` configured as the pager, and the ability to set the terminal size. It is unlikely that a system administrator would configure `sudo` to allow unprivileged users to perform this class of exploit.

**Recommendations**

For apport-cli versions 2.26.0 and earlier, consider restricting the use of `sudo apport-cli` to privileged users only, and review the configuration of the pager and terminal settings to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.