CVE-2016-9951
Last modified
CVE-2016-9951 is a vulnerability of currently unknown severity. An issue was discovered in Apport before 2.20.4. A malicious Apport crash file can contain a restart command in `RespawnCommand` or `ProcCmdline` fields. EPSS estimates a 6.67% chance of exploitation in the next 30 days.
Description
An issue was discovered in Apport before 2.20.4. A malicious Apport crash file can contain a restart command in `RespawnCommand` or `ProcCmdline` fields. This command will be executed if a user clicks the Relaunch button on the Apport prompt from the malicious crash file. The fix is to only show the Relaunch button on Apport crash files generated by local systems. The Relaunch button will be hidden when crash files are opened directly in Apport-GTK.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Apport Project | Apport | <= 2.20.3 |
References
- http://www.securityfocus.com/bid/95011Third Party Advisory, VDB Entry
- https://bugs.launchpad.net/apport/+bug/1648806Issue Tracking, Patch
- https://donncha.is/2016/12/compromising-ubuntu-desktop/Exploit, Technical Description, Third Party Advisory
- https://github.com/DonnchaC/ubuntu-apport-exploitationIssue Tracking, Third Party Advisory
- http://www.securityfocus.com/bid/95011Third Party Advisory, VDB Entry
- https://bugs.launchpad.net/apport/+bug/1648806Issue Tracking, Patch
- https://donncha.is/2016/12/compromising-ubuntu-desktop/Exploit, Technical Description, Third Party Advisory
- https://github.com/DonnchaC/ubuntu-apport-exploitationIssue Tracking, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2016-9951?
How severe is CVE-2016-9951?
How do I fix CVE-2016-9951?
Are you affected by CVE-2016-9951?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST