Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2019-11482
PUBLISHED
More InfoOfficial Page
Assigner-canonical
Assigner Org ID-cc1ad9ee-3454-478d-9317-d3e869d708bc
View Known Exploited Vulnerability (KEV) details
Published At-08 Feb, 2020 | 04:50
Updated At-17 Sep, 2024 | 00:00
Rejected At-
▼CVE Numbering Authority (CNA)
Race condition between reading current working directory and writing a core dump

Sander Bos discovered a time of check to time of use (TOCTTOU) vulnerability in apport that allowed a user to cause core files to be written in arbitrary directories.

Affected Products
Vendor
Canonical Ltd.Canonical
Product
apport
Versions
Affected
  • From 2.14.1 before 2.14.1-0ubuntu3.29+esm2 (custom)
  • From 2.20.1 before 2.20.1-0ubuntu2.20 (custom)
  • From 2.20.9 before 2.20.9-0ubuntu7.8 (custom)
  • From 2.20.11 before 2.20.11-0ubuntu8.1 (custom)
Problem Types
TypeCWE IDDescription
textN/ARead user data with administrator privileges
Type: text
CWE ID: N/A
Description: Read user data with administrator privileges
Metrics
VersionBase scoreBase severityVector
3.14.2MEDIUM
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:L
Version: 3.1
Base score: 4.2
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:L
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Sander Bos
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://usn.ubuntu.com/usn/usn-4171-1
x_refsource_MISC
https://usn.ubuntu.com/usn/usn-4171-2
x_refsource_MISC
Hyperlink: https://usn.ubuntu.com/usn/usn-4171-1
Resource:
x_refsource_MISC
Hyperlink: https://usn.ubuntu.com/usn/usn-4171-2
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://usn.ubuntu.com/usn/usn-4171-1
x_refsource_MISC
x_transferred
https://usn.ubuntu.com/usn/usn-4171-2
x_refsource_MISC
x_transferred
Hyperlink: https://usn.ubuntu.com/usn/usn-4171-1
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://usn.ubuntu.com/usn/usn-4171-2
Resource:
x_refsource_MISC
x_transferred
Details not found