CVE-2020-15701 Explained: Impact and Mitigation

Learn about CVE-2020-15701, a vulnerability in the apport package by Canonical that allows a local attacker to trigger an unhandled exception, leading to a denial of service. Find out the impact, affected versions, and mitigation steps.

An unhandled exception in check_ignored() in apport/report.py can be exploited by a local attacker to cause a denial of service. If the mtime attribute is a string value in apport-ignore.xml, it will trigger an unhandled exception, resulting in a crash. This vulnerability affects versions 2.20.1, 2.20.9, and 2.20.11 of the apport package by Canonical.

Understanding CVE-2020-15701

This CVE involves an unhandled exception in the apport package that can lead to a denial of service attack.

What is CVE-2020-15701?

CVE-2020-15701 is a vulnerability in the apport package that allows a local attacker to trigger an unhandled exception, leading to a crash and denial of service.

The Impact of CVE-2020-15701

This vulnerability is rated MEDIUM, with a CVSS base score of 5.5. The availability impact is high, and exploitation requires low privileges and no user interaction.

Technical Details of CVE-2020-15701

This section provides more technical details about the vulnerability.

Vulnerability Description

The vulnerability lies in the check_ignored() function in apport/report.py, where an unhandled exception can be triggered by a local attacker, causing a denial of service.

Affected Systems and Versions

        Product: apport
        Vendor: Canonical
        Affected Versions: 2.20.1, 2.20.9, 2.20.11

Exploitation Mechanism

Exploitation involves setting the mtime attribute to a string value in apport-ignore.xml, which triggers the unhandled exception in check_ignored().
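The following added example (not apport's own code and not part of the original advisory) audits an ignore file for mtime values that are not numbers and shows a lookup that skips such entries instead of raising. The ignore element, the program attribute, the sample data and the mtime comparison are assumptions made for illustration.

```python
import xml.dom.minidom

# Constructed sample; element and attribute layout is an assumption.
SAMPLE = """<?xml version="1.0" ?>
<apport>
  <ignore program="/usr/bin/alpha" mtime="1596000000.0"/>
  <ignore program="/usr/bin/beta" mtime="not-a-number"/>
  <ignore program="/usr/bin/gamma"/>
</apport>"""


def parse_mtime(raw):
    """Return the mtime as a float, or None when it is missing or malformed."""
    try:
        return float(raw)
    except (TypeError, ValueError):
        return None


def audit_ignore_file(xml_text):
    """List (program, raw mtime) for entries whose mtime is not a number."""
    dom = xml.dom.minidom.parseString(xml_text)
    bad = []
    for node in dom.getElementsByTagName("ignore"):
        raw = node.getAttribute("mtime")  # "" when the attribute is absent
        if parse_mtime(raw) is None:
            bad.append((node.getAttribute("program"), raw))
    return bad


def is_ignored(xml_text, program, current_mtime):
    """Hardened lookup: a malformed entry is skipped, not allowed to raise."""
    dom = xml.dom.minidom.parseString(xml_text)
    for node in dom.getElementsByTagName("ignore"):
        if node.getAttribute("program") != program:
            continue
        mtime = parse_mtime(node.getAttribute("mtime"))
        # Assumed rule: the entry applies if it is at least as new as the binary.
        if mtime is not None and mtime >= current_mtime:
            return True
    return False


if __name__ == "__main__":
    for program, raw in audit_ignore_file(SAMPLE):
        print(f"malformed mtime {raw!r} for {program}")
```

On a multi-user host, pass the contents of each user's ignore file to audit_ignore_file() and review any entry it reports.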

Mitigation and Prevention

To address CVE-2020-15701, follow these mitigation steps:

Immediate Steps to Take

        Update the apport package to versions 2.20.1-0ubuntu2.24, 2.20.9-0ubuntu7.16, or 2.20.11-0ubuntu27.6
        Monitor for any unusual crashes or denial of service incidents

Long-Term Security Practices

        Regularly update software packages to patch known vulnerabilities
        Implement proper exception handling in code to prevent similar issues

Patching and Updates

        Apply the patches provided by Canonical for the apport package
