This bug was fixed in the package apport - 2.17.1-0ubuntu1
---------------
apport (2.17.1-0ubuntu1) vivid; urgency=medium

  * New upstream bug fix release:
    - SECURITY UPDATE: Fix root privilege escalation through crash forwarding
      to containers.
      Version 2.13 introduced forwarding a crash to a container's apport. By
      crafting a specific file system structure, entering it as a namespace
      ("container"), and crashing something in it, a local user could access
      arbitrary files on the host system with root privileges.
      Thanks to Stéphane Graber for discovering and fixing this!
      (CVE-2015-1318, LP: #1438758)
    - apport-kde tests: Fix imports to make tests work again.
    - Fix UnicodeDecodeError on parsing non-ASCII environment variables.
    - apport: use the proper pid when calling apport in another PID namespace.
      Thanks Brian Murray. (LP: #1300235)

 -- Martin Pitt <[email protected]>  Tue, 14 Apr 2015 09:10:17 -0500

** Changed in: apport (Ubuntu Vivid)
       Status: Fix Committed => Fix Released
--
https://bugs.launchpad.net/bugs/1438758
Title:
User to root privilege escalation (ab)using the crash forwarding
feature of apport