CVE-2021-32554

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg package apport hooks, it could expose private data to other local users.
References
Link Resource
https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904 Issue Tracking Vendor Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:20.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:21.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:21.10:*:*:*:*:*:*:*

Information

Published : 2021-06-11 21:15

Updated : 2021-06-16 06:14


NVD link : CVE-2021-32554

Mitre link : CVE-2021-32554


JSON object : View

CWE
CWE-59

Improper Link Resolution Before File Access ('Link Following')

Advertisement

dedicated server usa

Products Affected

canonical

  • ubuntu_linux