PT-2023-16898 · Unknown+2 · Apport-Cli+2
Chen Lu +2
Published: 2023-04-13 · Updated: 2024-02-15
CVE-2023-1326
CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
apport-cli versions 2.26.0 and earlier
Description
A privilege escalation attack was found in apport-cli, similar to a known issue. A local attacker can exploit it only if the system is specially configured: unprivileged users are allowed to run sudo apport-cli, less is configured as the pager, and the terminal size can be set. It is unlikely that a system administrator would configure sudo to allow unprivileged users to perform this class of exploit.
Recommendations
For apport-cli versions 2.26.0 and earlier, consider restricting the use of sudo apport-cli to privileged users only, and review the configuration of the pager and terminal settings to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
Improper Privilege Management
Weakness Enumeration
Related Identifiers
Affected Products
Linuxmint
Ubuntu
Apport-Cli
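
The Recommendations above ask that sudo apport-cli be limited to privileged users. The following audit script is an added example, not code from this advisory or from the Apport project: it lists sudoers rules that name apport-cli directly or through a Cmnd_Alias, so each principal can be reviewed. The sample sudoers text, the user and group names, and the /usr/bin/apport-cli path are constructed assumptions.

```python
import re

# Constructed sample sudoers text (assumption: not from any real system).
SAMPLE_SUDOERS = """\
Cmnd_Alias CRASHTOOLS = /usr/bin/apport-cli, \\
                        /usr/bin/apport-unpack
root     ALL=(ALL:ALL) ALL
%sudo    ALL=(ALL:ALL) ALL
alice    ALL=(root) NOPASSWD: /usr/bin/apport-cli
%support ALL=(root) CRASHTOOLS
bob      ALL=(root) /usr/bin/systemctl restart nginx
"""

NON_RULE = re.compile(r"(Cmnd_Alias|User_Alias|Host_Alias|Runas_Alias|Defaults)\b")

def logical_lines(text):
    """Join backslash continuations; drop blank lines and '#' lines."""
    for line in re.sub(r"\\\n\s*", " ", text).splitlines():
        line = line.strip()
        if line and not line.startswith("#"):  # also skips #include directives
            yield line

def apport_cli_grants(text, target="apport-cli"):
    """Return (principal, command) for every rule that names `target`."""
    lines = list(logical_lines(text))
    aliases = {}
    for line in lines:
        m = re.match(r"Cmnd_Alias\s+(\w+)\s*=\s*(.+)", line)
        if m:
            aliases[m.group(1)] = [c.strip() for c in m.group(2).split(",")]
    findings = []
    for line in lines:
        m = None if NON_RULE.match(line) else re.match(r"(\S+)\s+\S+?\s*=\s*(.+)", line)
        if not m:
            continue
        principal, spec = m.groups()
        for cmd in spec.split(","):
            # Strip a leading "(runas)" and tags such as "NOPASSWD:".
            cmd = re.sub(r"^\s*(\([^)]*\)\s*)?(\w+:\s*)*", "", cmd).strip()
            for expanded in aliases.get(cmd, [cmd]):
                words = expanded.split()
                if words and words[0].rsplit("/", 1)[-1] == target:
                    findings.append((principal, expanded))
    return findings

if __name__ == "__main__":
    for principal, command in apport_cli_grants(SAMPLE_SUDOERS):
        print(f"{principal} may run {command} via sudo; confirm this principal is privileged")
```

Rules that grant ALL commands are not reported, since they do not name apport-cli; the principals holding them are already fully privileged through sudo.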