漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Apport treats the container PID as the global PID when /proc/<global_pid>/ is missing
Vulnerability Description
Apport does not properly handle crashes originating from a PID namespace allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion, possibly gain root privileges, or escape from containers. The is_same_ns() function returns True when /proc/<global pid>/ does not exist in order to indicate that the crash should be handled in the global namespace rather than inside of a container. However, the portion of the data/apport code that decides whether or not to forward a crash to a container does not always replace sys.argv[1] with the value stored in the host_pid variable when /proc/<global pid>/ does not exist which results in the container pid being used in the global namespace. This flaw affects versions 2.20.8-0ubuntu4 through 2.20.9-0ubuntu7, 2.20.7-0ubuntu3.7, 2.20.7-0ubuntu3.8, 2.20.1-0ubuntu2.15 through 2.20.1-0ubuntu2.17, and 2.14.1-0ubuntu3.28.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Apport 安全漏洞
Vulnerability Description
Ubuntu是英国科能(Canonical)公司和Ubuntu基金会共同开发的一套以桌面应用为主的GNU/Linux操作系统。Apport是其中的一个用于收集并反馈错误信息(当应用程序崩溃时操作系统认为有用的信息)的工具包。 Apport中存在安全漏洞,该漏洞源于程序没有正确的处理的崩溃情况。本地攻击者可利用该漏洞造成拒绝服务(资源耗尽),获取root权限或绕过容器。以下版本受到影响:Apport 2.20.8-0ubuntu4版本至2.20.9-0ubuntu7版本,2.20.7-0ubuntu3.7版
CVSS Information
N/A
Vulnerability Type
N/A