Apport prior 2.20.11-0ubuntu57 /proc/pid/stat get_starttime input validation

EntryeditHistoryDiffjsonxmlCTI

A vulnerability classified as critical has been found in Apport. Affected is the function get_starttime of the file /proc/pid/stat. Upgrading to version 2.20.11-0ubuntu57 eliminates this vulnerability.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

Field

Commit Conf

Approve Conf

IDCommitedUserFieldChangeRemarksModeratedReasonC
1133761306/13/2021VulD...cve_cnaCanonical Ltd.nvd.nist.gov06/13/2021accepted70
1133761206/13/2021VulD...cve_nvd_summaryIt was discovered that the get_starttime() function in data/apport did not properly parse the /proc/pid/stat file from the kernel.cve.mitre.org06/13/2021accepted70
1133761106/13/2021VulD...cve_assigned1611183600cve.mitre.org06/13/2021accepted70
1133250806/11/2021VulD...price_0day$5k-$25ksee documentation06/11/2021accepted90
1133250706/11/2021VulD...cvss3_meta_tempscore7.2see documentation06/11/2021accepted90
1133250606/11/2021VulD...cvss3_meta_basescore8.0see documentation06/11/2021accepted90
1133250506/11/2021VulD...cvss3_vuldb_tempscore7.206/11/2021accepted90
1133250406/11/2021VulD...cvss3_vuldb_basescore8.006/11/2021accepted90
1133250306/11/2021VulD...cvss2_vuldb_tempscore5.806/11/2021accepted90
1133250206/11/2021VulD...cvss2_vuldb_basescore7.406/11/2021accepted90
1133250106/11/2021VulD...cvss3_vuldb_uiNderived from historical data06/11/2021accepted80
1133250006/11/2021VulD...cvss3_vuldb_prLderived from historical data06/11/2021accepted80
1133249906/11/2021VulD...cvss3_vuldb_acLderived from historical data06/11/2021accepted80
1133249806/11/2021VulD...cvss3_vuldb_avAderived from historical data06/11/2021accepted80
1133249706/11/2021VulD...cvss2_vuldb_auSderived from historical data06/11/2021accepted80
1133249606/11/2021VulD...cvss2_vuldb_acMderived from historical data06/11/2021accepted80
1133249506/11/2021VulD...cvss2_vuldb_avAderived from historical data06/11/2021accepted80
1133249406/11/2021VulD...cvss2_vuldb_rlOFderived from vuldb v3 vector06/11/2021accepted80
1133249306/11/2021VulD...cvss2_vuldb_rcCderived from vuldb v3 vector06/11/2021accepted80

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!