Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2018-6552— Apport treats the container PID as the global PID when /proc/<global_pid>/ is missing

EPSS 0.03% · P9
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2018-6552

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
Apport treats the container PID as the global PID when /proc/<global_pid>/ is missing
Source: NVD (National Vulnerability Database)
Vulnerability Description
Apport does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion, possibly gain root privileges, or escape from containers. The is_same_ns() function returns True when /proc/<global pid>/ does not exist in order to indicate that the crash should be handled in the global namespace rather than inside of a container. However, the portion of the data/apport code that decides whether or not to forward a crash to a container does not always replace sys.argv[1] with the value stored in the host_pid variable when /proc/<global pid>/ does not exist which results in the container pid being used in the global namespace. This flaw affects versions 2.20.8-0ubuntu4 through 2.20.9-0ubuntu7, 2.20.7-0ubuntu3.7, 2.20.7-0ubuntu3.8, 2.20.1-0ubuntu2.15 through 2.20.1-0ubuntu2.17, and 2.14.1-0ubuntu3.28.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Apport 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Ubuntu是英国科能(Canonical)公司和Ubuntu基金会共同开发的一套以桌面应用为主的GNU/Linux操作系统。Apport是其中的一个用于收集并反馈错误信息(当应用程序崩溃时操作系统认为有用的信息)的工具包。 Apport中存在安全漏洞,该漏洞源于程序没有正确的处理的崩溃情况。本地攻击者可利用该漏洞造成拒绝服务(资源耗尽),获取root权限或绕过容器。以下版本受到影响:Apport 2.20.8-0ubuntu4版本至2.20.9-0ubuntu7版本,2.20.7-0ubuntu3.7版
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-Apport 2.20.8-0ubuntu4 ~ unspecified -
-Apport 2.20.1-0ubuntu2.15 ~ unspecified -
-Apport 2.20.7-0ubuntu3.7 ~ unspecified -
-Apport 2.14.1-0ubuntu3.28 -

II. Public POCs for CVE-2018-6552

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2018-6552

登录查看更多情报信息。

Same Patch Batch · n/a · 2018-05-31 · 47 CVEs total

CVE-2018-9314多款BMW汽车Head Unit HU_NBT组件安全漏洞
CVE-2018-9322多款BMW汽车Head Unit HU_NBT组件安全漏洞
CVE-2018-11579WordPress MULTIDOTS WooCommerce Category Banner Management插件安全漏洞
CVE-2018-11572ClipperCMS 跨站脚本漏洞
CVE-2018-11575MiniUPnP ngiflib 缓冲区错误漏洞
CVE-2018-11576MiniUPnP ngiflib 缓冲区错误漏洞
CVE-2018-11577Liblouis 缓冲区错误漏洞
CVE-2018-11578MiniUPnP ngiflib 缓冲区错误漏洞
CVE-2018-11571ClipperCMS 安全漏洞
CVE-2018-9318BMW汽车Telematics Control Unit 安全漏洞
CVE-2018-9320多款BMW汽车Head Unit HU_NBT组件安全漏洞
CVE-2018-9313多款BMW汽车Head Unit HU_NBT组件安全漏洞
CVE-2018-9312多款BMW汽车Head Unit HU_NBT组件安全漏洞
CVE-2018-9311BMW汽车Telematics Control Unit 安全漏洞
CVE-2018-11036多款Ruckus产品SmartZone 安全漏洞
CVE-2018-11220Bitmain Antminer D3、L3+和S9 安全漏洞
CVE-2018-11625ImageMagick 缓冲区错误漏洞
CVE-2018-11624ImageMagick 安全漏洞
CVE-2018-11598Espruino 安全漏洞
CVE-2018-11597Espruino 缓冲区错误漏洞

Showing top 20 of 47 CVEs. View all on vendor page &rarr; →

IV. Related Vulnerabilities

Same product: Apport
Same vendor: n/a

V. Comments for CVE-2018-6552

No comments yet

Leave a comment