Nixpkgs security tracker

Untriaged

Permalink CVE-2015-1341

created 1 month, 3 weeks ago

Apport privilege escalation through Python module imports

Any Python module in sys.path can be imported if the command line of the process triggering the coredump is Python and the first argument is -m in Apport before 2.19.2 function _python_module_path.

References

https://launchpad.net/apport/trunk/2.19.2 x_refsource_MISC
https://usn.ubuntu.com/2782-1/ x_refsource_MISC
https://launchpad.net/apport/trunk/2.19.2 x_transferredx_refsource_MISC
https://usn.ubuntu.com/2782-1/ x_transferredx_refsource_MISC
https://launchpad.net/apport/trunk/2.19.2 x_refsource_MISC
https://usn.ubuntu.com/2782-1/ x_refsource_MISC
https://launchpad.net/apport/trunk/2.19.2 x_transferredx_refsource_MISC
https://usn.ubuntu.com/2782-1/ x_transferredx_refsource_MISC
https://launchpad.net/apport/trunk/2.19.2 x_refsource_MISC
https://usn.ubuntu.com/2782-1/ x_refsource_MISC
https://launchpad.net/apport/trunk/2.19.2 x_transferredx_refsource_MISC
https://usn.ubuntu.com/2782-1/ x_transferredx_refsource_MISC
https://launchpad.net/apport/trunk/2.19.2 x_refsource_MISC
https://usn.ubuntu.com/2782-1/ x_refsource_MISC
https://launchpad.net/apport/trunk/2.19.2 x_transferredx_refsource_MISC
https://usn.ubuntu.com/2782-1/ x_transferredx_refsource_MISC

Affected products

Apport

<2.14.1-0ubuntu3.18
<2.0.1-0ubuntu17.13
<2.17.2-0ubuntu1.7
<2.19.2
<2.19.1-0ubuntu4

Matching in nixpkgs

pkgs.haskellPackages.apportionment

Round a set of numbers while maintaining its sum

nixos-unstable 0.0.0.4
- nixpkgs-unstable 0.0.0.4
- nixos-unstable-small 0.0.0.4
nixos-25.11 0.0.0.4
- nixos-25.11-small 0.0.0.4
- nixpkgs-25.11-darwin 0.0.0.4

Package maintainers

@thielema Henning Thielemann <nix@henning-thielemann.de>

Untriaged

Permalink CVE-2025-5467

created 4 months ago

Ubuntu Apport Insecure File Permissions Vulnerability

It was discovered that process_crash() in data/apport in Canonical's Apport crash reporting tool may create crash files with incorrect group ownership, possibly exposing crash information beyond expected or intended groups.

References

Affected products

apport

<2.28.1-0ubuntu3.6
<2.20.9-0ubuntu7.29+esm1
<2.32.0-0ubuntu5.1
<2.20.11-0ubuntu27.28
<2.20.1-0ubuntu2.30+esm5
<2.33.0-0ubuntu1
<2.20.11-0ubuntu82.7

Matching in nixpkgs

pkgs.haskellPackages.apportionment

Round a set of numbers while maintaining its sum

nixos-unstable 0.0.0.4
- nixpkgs-unstable 0.0.0.4
- nixos-unstable-small 0.0.0.4
nixos-25.11 0.0.0.4
- nixpkgs-25.11-darwin 0.0.0.4

Package maintainers

@thielema Henning Thielemann <nix@henning-thielemann.de>

Untriaged

Permalink CVE-2025-5054

4.7 MEDIUM

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): HIGH
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): NONE
Availability impact (A): NONE

created 10 months, 2 weeks ago

Race Condition in Canonical Apport

Race condition in Canonical apport up to and including 2.32.0 allows a local attacker to leak sensitive information via PID-reuse by leveraging namespaces. When handling a crash, the function `_check_global_pid_and_forward`, which detects if the crashing process resided in a container, was being called before `consistency_checks`, which attempts to detect if the crashing process had been replaced. Because of this, if a process crashed and was quickly replaced with a containerized one, apport could be made to forward the core dump to the container, potentially leaking sensitive information. `consistency_checks` is now being called before `_check_global_pid_and_forward`. Additionally, given that the PID-reuse race condition cannot be reliably detected from userspace alone, crashes are only forwarded to containers if the kernel provided a pidfd, or if the crashing process was unprivileged (i.e., if dump mode == 1).

References

https://ubuntu.com/security/notices/USN-7545-1 vendor-advisory
https://ubuntu.com/security/CVE-2025-5054 vdb-entry
https://www.qualys.com/2025/05/29/apport-coredump/apport-coredump.txt third-party-advisory
https://ubuntu.com/security/notices/USN-7545-1 vendor-advisory
https://ubuntu.com/security/CVE-2025-5054 vdb-entry
https://www.qualys.com/2025/05/29/apport-coredump/apport-coredump.txt third-party-advisory
https://ubuntu.com/security/notices/USN-7545-1 vendor-advisory
https://ubuntu.com/security/CVE-2025-5054 vdb-entry
https://www.qualys.com/2025/05/29/apport-coredump/apport-coredump.txt third-party-advisory
http://seclists.org/fulldisclosure/2025/Jun/9

Affected products

apport

<2.32.0-0ubuntu6
<2.30.0-0ubuntu4.3
=<2.32.0
<2.28.1-0ubuntu3.6
<2.20.9-0ubuntu7.29+esm1
<2.20.11-0ubuntu27.28
<2.32.0-0ubuntu5.1
<2.20.1-0ubuntu2.30+esm5
<2.33.0-0ubuntu1
<2.20.11-0ubuntu82.7

Matching in nixpkgs

pkgs.haskellPackages.apportionment

Round a set of numbers while maintaining its sum

nixos-unstable 0.0.0.4
- nixpkgs-unstable 0.0.0.4
- nixos-unstable-small 0.0.0.4

Package maintainers

@thielema Henning Thielemann <nix@henning-thielemann.de>

Untriaged

Permalink CVE-2022-1242

7.8 HIGH

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 1 year ago

Apport can be tricked into connecting to arbitrary sockets as …

Apport can be tricked into connecting to arbitrary sockets as the root user

References

https://ubuntu.com/security/notices/USN-5427-1 vendor-advisory
https://www.cve.org/CVERecord?id=CVE-2022-1242 issue-tracking
https://ubuntu.com/security/notices/USN-5427-1 vendor-advisoryx_transferred
https://www.cve.org/CVERecord?id=CVE-2022-1242 issue-trackingx_transferred
https://ubuntu.com/security/notices/USN-5427-1 vendor-advisory
https://www.cve.org/CVERecord?id=CVE-2022-1242 issue-tracking
https://ubuntu.com/security/notices/USN-5427-1 vendor-advisory
https://www.cve.org/CVERecord?id=CVE-2022-1242 issue-tracking
https://ubuntu.com/security/notices/USN-5427-1 vendor-advisoryx_transferred
https://www.cve.org/CVERecord?id=CVE-2022-1242 issue-trackingx_transferred
https://ubuntu.com/security/notices/USN-5427-1 vendor-advisory
https://www.cve.org/CVERecord?id=CVE-2022-1242 issue-tracking
https://ubuntu.com/security/notices/USN-5427-1 vendor-advisoryx_transferred
https://www.cve.org/CVERecord?id=CVE-2022-1242 issue-trackingx_transferred

Affected products

apport

<2.21.0

Matching in nixpkgs

pkgs.haskellPackages.apportionment

Round a set of numbers while maintaining its sum

nixos-unstable 0.0.0.4
- nixpkgs-unstable 0.0.0.4
- nixos-unstable-small 0.0.0.4

Package maintainers

@thielema Henning Thielemann <nix@henning-thielemann.de>

Untriaged

Permalink CVE-2022-28656

5.5 MEDIUM

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): NONE
Availability impact (A): HIGH

created 1 year ago

is_closing_session() allows users to consume RAM in the Apport process

References

https://ubuntu.com/security/notices/USN-5427-1 vendor-advisory
https://www.cve.org/CVERecord?id=CVE-2022-28656 issue-tracking
https://ubuntu.com/security/notices/USN-5427-1 vendor-advisoryx_transferred
https://www.cve.org/CVERecord?id=CVE-2022-28656 issue-trackingx_transferred
https://ubuntu.com/security/notices/USN-5427-1 vendor-advisory
https://www.cve.org/CVERecord?id=CVE-2022-28656 issue-tracking
https://ubuntu.com/security/notices/USN-5427-1 vendor-advisoryx_transferred
https://www.cve.org/CVERecord?id=CVE-2022-28656 issue-trackingx_transferred
https://ubuntu.com/security/notices/USN-5427-1 vendor-advisory
https://www.cve.org/CVERecord?id=CVE-2022-28656 issue-tracking
https://ubuntu.com/security/notices/USN-5427-1 vendor-advisoryx_transferred
https://www.cve.org/CVERecord?id=CVE-2022-28656 issue-trackingx_transferred
https://ubuntu.com/security/notices/USN-5427-1 vendor-advisory
https://www.cve.org/CVERecord?id=CVE-2022-28656 issue-tracking
https://ubuntu.com/security/notices/USN-5427-1 vendor-advisoryx_transferred
https://www.cve.org/CVERecord?id=CVE-2022-28656 issue-trackingx_transferred

Affected products

apport

<2.21.0

Matching in nixpkgs

pkgs.haskellPackages.apportionment

Round a set of numbers while maintaining its sum

nixos-unstable 0.0.0.4
- nixpkgs-unstable 0.0.0.4
- nixos-unstable-small 0.0.0.4

Package maintainers

@thielema Henning Thielemann <nix@henning-thielemann.de>

Untriaged

Permalink CVE-2022-28652

5.5 MEDIUM

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): NONE
Availability impact (A): HIGH

created 1 year, 1 month ago

~/.config/apport/settings parsing is vulnerable to "billion laughs" attack

References

https://ubuntu.com/security/notices/USN-5427-1 vendor-advisory
https://www.cve.org/CVERecord?id=CVE-2022-28652 issue-tracking
https://ubuntu.com/security/notices/USN-5427-1 vendor-advisoryx_transferred
https://www.cve.org/CVERecord?id=CVE-2022-28652 issue-trackingx_transferred
https://ubuntu.com/security/notices/USN-5427-1 vendor-advisory
https://www.cve.org/CVERecord?id=CVE-2022-28652 issue-tracking
https://ubuntu.com/security/notices/USN-5427-1 vendor-advisoryx_transferred
https://www.cve.org/CVERecord?id=CVE-2022-28652 issue-trackingx_transferred
https://ubuntu.com/security/notices/USN-5427-1 vendor-advisory
https://www.cve.org/CVERecord?id=CVE-2022-28652 issue-tracking
https://ubuntu.com/security/notices/USN-5427-1 vendor-advisoryx_transferred
https://www.cve.org/CVERecord?id=CVE-2022-28652 issue-trackingx_transferred
https://ubuntu.com/security/notices/USN-5427-1 vendor-advisory
https://www.cve.org/CVERecord?id=CVE-2022-28652 issue-tracking
https://ubuntu.com/security/notices/USN-5427-1 vendor-advisoryx_transferred
https://www.cve.org/CVERecord?id=CVE-2022-28652 issue-trackingx_transferred

Affected products

apport

<2.21.0

Matching in nixpkgs

pkgs.haskellPackages.apportionment

Round a set of numbers while maintaining its sum

nixos-unstable 0.0.0.4
- nixpkgs-unstable 0.0.0.4
- nixos-unstable-small 0.0.0.4

Package maintainers

@thielema Henning Thielemann <nix@henning-thielemann.de>

Untriaged

Permalink CVE-2023-1326

7.7 HIGH

CVSS version: 3.1
Attack vector (AV): LOCAL
Attack complexity (AC): LOW
Privileges required (PR): HIGH
User interaction (UI): REQUIRED
Scope (S): CHANGED
Confidentiality impact (C): HIGH
Integrity impact (I): HIGH
Availability impact (A): HIGH

created 1 year, 2 months ago

local privilege escalation in apport-cli

A privilege escalation attack was found in apport-cli 2.26.0 and earlier which is similar to CVE-2023-26604. If a system is specially configured to allow unprivileged users to run sudo apport-cli, less is configured as the pager, and the terminal size can be set: a local attacker can escalate privilege. It is extremely unlikely that a system administrator would configure sudo to allow unprivileged users to perform this class of exploit.

References

https://github.com/canonical/apport/commit/e5f78cc89f1f5888b6a56b785dddcb0364c4… patch
https://ubuntu.com/security/notices/USN-6018-1 vendor-advisory
https://github.com/canonical/apport/commit/e5f78cc89f1f5888b6a56b785dddcb0364c4… patchx_transferred
https://ubuntu.com/security/notices/USN-6018-1 vendor-advisoryx_transferred
https://github.com/canonical/apport/commit/e5f78cc89f1f5888b6a56b785dddcb0364c4… patch
https://ubuntu.com/security/notices/USN-6018-1 vendor-advisory
https://github.com/canonical/apport/commit/e5f78cc89f1f5888b6a56b785dddcb0364c4… patchx_transferred
https://ubuntu.com/security/notices/USN-6018-1 vendor-advisoryx_transferred
https://github.com/canonical/apport/commit/e5f78cc89f1f5888b6a56b785dddcb0364c4… patch
https://ubuntu.com/security/notices/USN-6018-1 vendor-advisory
https://github.com/canonical/apport/commit/e5f78cc89f1f5888b6a56b785dddcb0364c4… patchx_transferred
https://ubuntu.com/security/notices/USN-6018-1 vendor-advisoryx_transferred

Affected products

apport

=<2.26.0

Matching in nixpkgs

pkgs.haskellPackages.apportionment

Round a set of numbers while maintaining its sum

nixos-unstable 0.0.0.4
- nixpkgs-unstable 0.0.0.4
- nixos-unstable-small 0.0.0.4

Package maintainers

@thielema Henning Thielemann <nix@henning-thielemann.de>

Dismissed

Permalink CVE-2020-11936

3.1 LOW

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): HIGH
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): LOW
Integrity impact (I): NONE
Availability impact (A): NONE

updated 1 year, 2 months ago by @fricklerhandwerk Activity log

Created automatic suggestion 1 year, 2 months ago
@fricklerhandwerk dismissed 1 year, 2 months ago

gdbus setgid privilege escalation

References

https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1885633 issue-tracking
https://www.cve.org/CVERecord?id=CVE-2020-11936 issue-tracking
https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1885633 issue-tracking
https://www.cve.org/CVERecord?id=CVE-2020-11936 issue-tracking

Affected products

apport

<2.20.11-0ubuntu27.6

Matching in nixpkgs

pkgs.haskellPackages.apportionment

Round a set of numbers while maintaining its sum

nixos-unstable 0.0.0.4
- nixpkgs-unstable 0.0.0.4
- nixos-unstable-small 0.0.0.4

Package maintainers

@thielema Henning Thielemann <nix@henning-thielemann.de>

Dismissed

Permalink CVE-2022-28653

7.5 HIGH

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): NONE
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): NONE
Integrity impact (I): NONE
Availability impact (A): HIGH

updated 1 year, 2 months ago by @fricklerhandwerk Activity log

Created automatic suggestion 1 year, 2 months ago
@fricklerhandwerk dismissed 1 year, 2 months ago

Users can consume unlimited disk space in /var/crash

References

https://www.cve.org/CVERecord?id=CVE-2022-28653 issue-tracking
https://www.cve.org/CVERecord?id=CVE-2022-28653 issue-tracking

Affected products

apport

<2.21.0

Matching in nixpkgs

pkgs.haskellPackages.apportionment

Round a set of numbers while maintaining its sum

nixos-unstable 0.0.0.4
- nixpkgs-unstable 0.0.0.4
- nixos-unstable-small 0.0.0.4

Package maintainers

@thielema Henning Thielemann <nix@henning-thielemann.de>

Suggestions search

References

Affected products

Matching in nixpkgs

pkgs.haskellPackages.apportionment

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.haskellPackages.apportionment

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.haskellPackages.apportionment

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.haskellPackages.apportionment

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.haskellPackages.apportionment

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.haskellPackages.apportionment

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.haskellPackages.apportionment

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.haskellPackages.apportionment

Package maintainers

References

Affected products

Matching in nixpkgs

pkgs.haskellPackages.apportionment

Package maintainers