Apport Vulnerability Allows Arbitrary Socket Connections as Root
CVE-2022-1242
7.8HIGH
Summary
The vulnerability in Ubuntu's Apport allows a potential attacker to exploit unprivileged applications by tricking Apport into connecting to arbitrary sockets with root user privileges. This could lead to unauthorized access to sensitive data or system resources, as the vulnerability undermines the integrity of user permissions. Users of affected versions should apply the necessary security updates to mitigate the risks associated with this vulnerability, ensuring stronger protection against exploitation attempts.
Affected Version(s)
Apport Linux 0 < 2.21.0
References
CVSS V3.1
Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved
Credit
Gerrit Venema