Ubuntu Update For Apport USN-1668-1 Network Vulnerability

Summary

Ubuntu Update for Linux kernel vulnerabilities USN-1668-1

Solution

Please Install the Updated Packages.

Insight

Dan Rosenberg discovered that an application running under an AppArmor profile that allowed unconfined execution of apport-bug could escape confinement by calling apport-bug with a crafted environment. While not a vulnerability in apport itself, this update mitigates the issue by sanitizing certain variables in the apport-bug shell script.

Affected

apport on Ubuntu 12.04 LTS , Ubuntu 11.10 , Ubuntu 10.04 LTS

References

https://lists.ubuntu.com/archives/ubuntu-security-announce/2012-December/001936.html

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Ubuntu Update for curl USN-2167-1
Ubuntu Update for apache2 USN-2299-1
Ubuntu Update for acpid USN-1296-1
Ubuntu Update for cmake vulnerabilities USN-890-6
Ubuntu Update for bind9 USN-1139-1

Ubuntu Update for apport USN-1668-1

Take action and discover your vulnerabilities