Launchpad CVE tracker

CVE 2020-15701

An unhandled exception in check_ignored() in apport/report.py can be exploited by a local attacker to cause a denial of service. If the mtime attribute is a string value in apport-ignore.xml, it will trigger an unhandled exception, resulting in a crash. Fixed in 2.20.1-0ubuntu2.24, 2.20.9-0ubuntu7.16, 2.20.11-0ubuntu27.6.

Related bugs and status

CVE-2020-15701 (Candidate) is related to these bugs:

Bug #1876659: Unhandled exception in run_hang()

Summary				In	Importance	Status
	1876659	Unhandled exception in run_hang()		apport (Ubuntu)	Undecided	Fix Released
	1876659	Unhandled exception in run_hang()		Apport	Critical	Fix Released

Bug #1877023: Unhandled exception in check_ignored()

Summary				In	Importance	Status
	1877023	Unhandled exception in check_ignored()		apport (Ubuntu)	Medium	Fix Released
	1877023	Unhandled exception in check_ignored()		Apport	Critical	Fix Released

Bug #1885633: [ZDI-CAN-11233]: apport Unnecessary Privileges Information Disclosure Vulnerability

		In	Importance	Status
1885633	[ZDI-CAN-11233]: apport Unnecessary Privileges Information Disclosure Vulnerability	apport (Ubuntu)	Medium	Fix Released
1885633	[ZDI-CAN-11233]: apport Unnecessary Privileges Information Disclosure Vulnerability	apport (Ubuntu Eoan)	Medium	Won't Fix
1885633	[ZDI-CAN-11233]: apport Unnecessary Privileges Information Disclosure Vulnerability	apport (Ubuntu Xenial)	Medium	Fix Released
1885633	[ZDI-CAN-11233]: apport Unnecessary Privileges Information Disclosure Vulnerability	apport (Ubuntu Focal)	Medium	Fix Released
1885633	[ZDI-CAN-11233]: apport Unnecessary Privileges Information Disclosure Vulnerability	apport (Ubuntu Bionic)	Medium	Fix Released
1885633	[ZDI-CAN-11233]: apport Unnecessary Privileges Information Disclosure Vulnerability	Apport	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2020-15701

References