CVE-2021-25684

HIGH8.8

JSON export Create alert

Description

It was discovered that apport in data/apport did not properly open a report file to prevent hanging reads on a FIFO.

CVSS breakdown

CVSS 3.1

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Changed

Confidentiality

High

Integrity

High

Availability

High

Affected products

Canonical / apport2.20.1 – 2.20.1-0ubuntu2.30
Canonical / apport2.20.9 – 2.20.9-0ubuntu7.23
Canonical / apport2.20.11-0ubuntu27 – 2.20.11-0ubuntu27.16
Canonical / apport2.20.11-0ubuntu50 – 2.20.11-0ubuntu50.5

References

MISChttps://bugs.launchpad.net/ubuntu/+source/apport/+bug/1912326