Apport Exploit Fixed in Multiple Ubuntu OSes

A system update is required in order to fix the problem

By on December 18th, 2012 13:46 GMT

On December 17, Canonical published in a security notice details about an Apport exploit for its Ubuntu 12.04 LTS (Precise Pangolin), Ubuntu 11.10 (Oneiric Ocelot), and Ubuntu 10.04 LTS ((Lucid Lynx) operating systems.

According to Canonical, a hardening measure was added to the apport package.

It was discovered that an application running under an AppArmor profile, that allowed unconfined execution of apport-bug, could escape confinement by calling apport-bug with a crafted environment.

While not a vulnerability in the apport package itself, this update mitigates the issue by sanitizing certain variables in the apport-bug shell script.

For a more detailed description of the security problems, you can visit Canonical's security notification.

Users can simply fix the security flaws by upgrading the operating systems to the latest apport package specific to each distribution.

A normal system update, executed with the Update Manager, will implement all the necessary changes. A complete system restart is not necessary.

Comments