PT-2018-17630 · Canonical · Apport

Sander Bos · Published 2018-05-30 · Updated 2019-10-03 · CVE-2018-6552

CVSS v3.1: 7.8 High

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Apport versions 2.14.1-0ubuntu3.28
Apport versions 2.20.1-0ubuntu2.15 through 2.20.1-0ubuntu2.17
Apport versions 2.20.7-0ubuntu3.7
Apport versions 2.20.7-0ubuntu3.8
Apport versions 2.20.8-0ubuntu4 through 2.20.9-0ubuntu7

Description

The issue allows local users to create certain files as root, potentially leading to denial of service via resource exhaustion, gaining root privileges, or escaping from containers. This is due to the is_same_ns() function returning True when /proc/<global pid>/ does not exist, indicating the crash should be handled in the global namespace rather than inside a container. However, the portion of the data/apport code that decides whether to forward a crash to a container does not always replace sys.argv[1] with the value stored in the host_pid variable when /proc/<global pid>/ does not exist, resulting in the container pid being used in the global namespace.

Recommendations

For Apport versions 2.14.1-0ubuntu3.28, update to a version that fixes the issue.
For Apport versions 2.20.1-0ubuntu2.15 through 2.20.1-0ubuntu2.17, update to a version that fixes the issue.
For Apport versions 2.20.7-0ubuntu3.7, update to a version that fixes the issue.
For Apport versions 2.20.7-0ubuntu3.8, update to a version that fixes the issue.
For Apport versions 2.20.8-0ubuntu4 through 2.20.9-0ubuntu7, update to a version that fixes the issue.

Fix


Related Identifiers

CVE-2018-6552
USN-3664-1
USN-3664-2

Affected Products

Apport
Ubuntu