CVE-2019-11485 : What You Need to Know

Discover the impact of CVE-2019-11485, a vulnerability in Apport by Canonical, allowing all users to hinder crash handling. Learn about affected versions and mitigation steps.

A vulnerability in Apport allowed all users to hinder crash handling due to a mislocated lock file.

Understanding CVE-2019-11485

Sander Bos discovered a security issue in Apport that could impact the crash handling process.

What is CVE-2019-11485?

CVE-2019-11485 is a vulnerability in Apport, a crash report handling tool in Ubuntu, where the lock file was placed in a directory with overly permissive permissions.

The Impact of CVE-2019-11485

The vulnerability could be exploited by all users to interfere with crash handling, potentially leading to denial of service or other security issues.

Technical Details of CVE-2019-11485

The technical aspects of the vulnerability in Apport.

Vulnerability Description

The lock file of Apport was located in a directory with permissions that allowed all users to hinder crash handling.

Affected Systems and Versions

        Product: Apport
        Vendor: Canonical
        Affected Versions:
              2.14.1-0ubuntu3.29+esm2
              2.20.1-0ubuntu2.20
              2.20.9-0ubuntu7.8
              2.20.11-0ubuntu8.1

Exploitation Mechanism

        Attack Complexity: Low
        Attack Vector: Local
        Privileges Required: Low
        User Interaction: None
        Scope: Unchanged
        CVSS Score: 3.3 (Low)

Mitigation and Prevention

Steps to address and prevent the CVE-2019-11485 vulnerability.

Immediate Steps to Take

        Update Apport to a non-vulnerable version.
        Restrict access permissions to the directory containing the lock file.

Long-Term Security Practices

        Regularly monitor and review file permissions on critical directories.
        Educate users on secure crash handling practices.
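The permission check behind the steps above, as an added example that is not part of the original advisory or of Apport's code: it reports when the directory holding a lock file is writable by other users. The lock path is a caller-supplied parameter because this page does not give Apport's lock file location, and the demo directories are constructed in a temporary directory.

```python
import os
import stat
import tempfile


def audit_lock_path(lock_path):
    """Return findings for a lock file path; an empty list means none."""
    findings = []
    parent = os.path.dirname(os.path.abspath(lock_path))
    dir_st = os.stat(parent)
    # Any user who can write here can create the lock file before the service does.
    if dir_st.st_mode & stat.S_IWOTH:
        findings.append(f"{parent}: world-writable directory")
    if dir_st.st_mode & stat.S_IWGRP:
        findings.append(f"{parent}: group-writable directory (gid {dir_st.st_gid})")
    try:
        file_st = os.lstat(lock_path)  # lstat: do not follow a planted symlink
    except FileNotFoundError:
        return findings  # lock not created yet; directory findings still apply
    if stat.S_ISLNK(file_st.st_mode):
        findings.append(f"{lock_path}: is a symbolic link")
    elif file_st.st_uid != dir_st.st_uid:
        findings.append(f"{lock_path}: owner uid {file_st.st_uid} differs from directory owner")
    return findings


def demo():
    """Run the audit against two constructed directories (not real Apport paths)."""
    with tempfile.TemporaryDirectory() as base:
        open_dir = os.path.join(base, "open")
        restricted_dir = os.path.join(base, "restricted")
        os.mkdir(open_dir)
        os.mkdir(restricted_dir)
        os.chmod(open_dir, 0o1777)       # /tmp-style: anyone may create files
        os.chmod(restricted_dir, 0o755)  # only the owner may create files
        lock = os.path.join(restricted_dir, "lock")
        open(lock, "w").close()
        return {
            "open": audit_lock_path(os.path.join(open_dir, "lock")),
            "restricted": audit_lock_path(lock),
        }


if __name__ == "__main__":
    for name, findings in demo().items():
        print(name, findings or "no findings")
```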

Patching and Updates

        Apply patches provided by Canonical to fix the vulnerability in Apport.
