local privilege escalation in apport-cli
CVE-2023-1326

7.7HIGH

Key Information:

Vendor: Canonical Ltd.
Status: Apport
Vendor: CVE Published:; 13 April 2023

Badges

👾 Exploit Exists🟡 Public PoC

Summary

A vulnerability has been identified in apport-cli versions 2.26.0 and earlier, which may allow a local attacker to escalate privileges under specific conditions. If a system is misconfigured to allow unprivileged users to execute sudo with apport-cli as the command, and if appropriate settings for the pager and terminal size are altered, this could lead to unauthorized privilege escalation. Such configurations are deemed highly unlikely, making the exposure limited. However, it highlights the importance of maintaining strict user permissions and regular audits to prevent potential exploit attempts.

Affected Version(s)

Apport Linux 0 <= 2.26.0

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2023-1326-PoC
Created by diego-tella

References

https://github.com/canonical/apport/commit/e5f78cc89f1f58...

patch

https://ubuntu.com/security/notices/USN-6018-1

vendor-advisory

CVSS V3.1

Score:

7.7

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Changed

Timeline

🟡
Public PoC available
Jan 16, 2024
👾
Exploit known to exist
Jan 16, 2024
Vulnerability published
Apr 13, 2023
Vulnerability Reserved
Mar 10, 2023

Credit

Chen Lu

Lei Wang

YiQi Sun