Vulnerability CVE-2020-15701
Published: 2020-08-06   Modified: 2020-08-07

Description:
An unhandled exception in check_ignored() in apport/report.py can be exploited by a local attacker to cause a denial of service. If the mtime attribute is a string value in apport-ignore.xml, it will trigger an unhandled exception, resulting in a crash. Fixed in 2.20.1-0ubuntu2.24, 2.20.9-0ubuntu7.16, 2.20.11-0ubuntu27.6.

Type:

CWE-755

CVSS2 => (AV:L/AC:L/Au:N/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
2.1/10
2.9/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial

 References:
https://launchpad.net/bugs/1877023
https://usn.ubuntu.com/4449-1
https://usn.ubuntu.com/4449-1/
Copyright 2024, cxsecurity.com

 

Back to Top