Name of the Vulnerable Software and Affected Versions: Apport versions prior to the fixed version in Ubuntu 14.04 ESM and Ubuntu 16.04 ESM

Description: A local attacker could possibly use this issue to escalate privileges by tricking Apport into writing core files as root into arbitrary directories in certain scenarios. The update causes Apport to generate all core files in the /var/lib/apport/coredump directory on Ubuntu 16.04 ESM, and core file generation has been disabled by default on Ubuntu 14.04 ESM.

Recommendations: For Ubuntu 16.04 ESM, update to the version that includes the fix for this issue, which will cause Apport to generate all core files in the /var/lib/apport/coredump directory. For Ubuntu 14.04 ESM, core file generation has been disabled by default as a fix for this issue.