Kevin Backhouse discovered that apport would read a user-supplied configuration file with elevated privileges. By replacing the file with a symbolic link, a user could get apport to read any file on the system as root, with unknown consequences.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: canonical
Published: 2020-02-08T04:50:21.892355Z
Updated: 2024-09-16T23:25:27.956Z
Reserved: 2019-04-23T00:00:00
Link: CVE-2019-11481
Vulnrichment
No data.
NVD
Status : Modified
Published: 2020-02-08T05:15:12.527
Modified: 2024-11-21T04:21:10.220
Link: CVE-2019-11481
Redhat
No data.