From 697efbc2723666cdaf62b3517c9c9342363a6bb2 Mon Sep 17 00:00:00 2001 From: Avital Ostromich Date: Thu, 6 Aug 2020 18:25:01 -0400 Subject: [PATCH] Whoopsie and apport vulnerabilities --- 2020/11xxx/CVE-2020-11937.json | 124 ++++++++++++++++++++++++++++++--- 2020/15xxx/CVE-2020-15701.json | 119 ++++++++++++++++++++++++++++--- 2020/15xxx/CVE-2020-15702.json | 112 ++++++++++++++++++++++++++--- 3 files changed, 331 insertions(+), 24 deletions(-) diff --git a/2020/11xxx/CVE-2020-11937.json b/2020/11xxx/CVE-2020-11937.json index 04e893d9a3d..1aa4aea6862 100644 --- a/2020/11xxx/CVE-2020-11937.json +++ b/2020/11xxx/CVE-2020-11937.json @@ -1,18 +1,126 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "AKA": "", + "ASSIGNER": "security@ubuntu.com", + "DATE_PUBLIC": "2020-06-11T05:13:00.000Z", "ID": "CVE-2020-11937", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Resource exhaustion vulnerability in whoopsie" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "whoopsie", + "version": { + "version_data": [ + { + "platform": "", + "version_affected": "<", + "version_name": "0.2.52", + "version_value": "0.2.52.5ubuntu0.5" + }, + { + "platform": "", + "version_affected": "<", + "version_name": "0.2.62", + "version_value": "0.2.62ubuntu0.5" + }, + { + "platform": "", + "version_affected": "<", + "version_name": "0.2.69", + "version_value": "0.2.69ubuntu0.1" + } + ] + } + } + ] + }, + "vendor_name": "Canonical" + } + ] + } + }, + "configuration": [], + "credit": [ + { + "lang": "eng", + "value": "Seong-Joong Kim" + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In whoopsie, parse_report() from whoopsie.c allows a local attacker to cause a denial of service via a crafted file. The DoS is caused by resource exhaustion due to a memory leak. Fixed in 0.2.52.5ubuntu0.5, 0.2.62ubuntu0.5 and 0.2.69ubuntu0.1." } ] - } -} \ No newline at end of file + }, + "exploit": [], + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-400 Uncontrolled Resource Consumption" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://launchpad.net/bugs/1881982", + "refsource": "CONFIRM", + "url": "https://launchpad.net/bugs/1881982" + }, + { + "name": "https://usn.ubuntu.com/4450-1", + "refsource": "CONFIRM", + "url": "https://usn.ubuntu.com/4450-1" + }, + { + "name": "https://github.com/sungjungk/whoopsie_killer", + "refsource": "CONFIRM", + "url": "https://github.com/sungjungk/whoopsie_killer" + } + ] + }, + "solution": [], + "source": { + "advisory": "https://usn.ubuntu.com/4450-1", + "defect": [ + "https://launchpad.net/bugs/1881982" + ], + "discovery": "EXTERNAL" + }, + "work_around": [] +} diff --git a/2020/15xxx/CVE-2020-15701.json b/2020/15xxx/CVE-2020-15701.json index 251bc9fc50a..abaae4e7104 100644 --- a/2020/15xxx/CVE-2020-15701.json +++ b/2020/15xxx/CVE-2020-15701.json @@ -1,18 +1,121 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "AKA": "", + "ASSIGNER": "security@ubuntu.com", + "DATE_PUBLIC": "2020-05-13T07:29:00.000Z", "ID": "CVE-2020-15701", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "Unhandled exception in apport" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "apport", + "version": { + "version_data": [ + { + "platform": "", + "version_affected": "<", + "version_name": "2.20.1", + "version_value": "2.20.1-0ubuntu2.24" + }, + { + "platform": "", + "version_affected": "<", + "version_name": "2.20.9", + "version_value": "2.20.9-0ubuntu7.16" + }, + { + "platform": "", + "version_affected": "<", + "version_name": "2.20.11", + "version_value": "2.20.11-0ubuntu27.6" + } + ] + } + } + ] + }, + "vendor_name": "Canonical" + } + ] + } + }, + "configuration": [], + "credit": [ + { + "lang": "eng", + "value": "Seong-Joong Kim" + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An unhandled exception in check_ignored() in apport/report.py can be exploited by a local attacker to cause a denial of service. If the mtime attribute is a string value in apport-ignore.xml, it will trigger an unhandled exception, resulting in a crash. Fixed in 2.20.1-0ubuntu2.24, 2.20.9-0ubuntu7.16, 2.20.11-0ubuntu27.6." } ] - } -} \ No newline at end of file + }, + "exploit": [], + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-755 Improper Handling of Exceptional Conditions" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://usn.ubuntu.com/4449-1", + "refsource": "CONFIRM", + "url": "https://usn.ubuntu.com/4449-1" + }, + { + "name": "https://launchpad.net/bugs/1877023", + "refsource": "CONFIRM", + "url": "https://launchpad.net/bugs/1877023" + } + ] + }, + "solution": [], + "source": { + "advisory": "https://usn.ubuntu.com/4449-1", + "defect": [ + "https://launchpad.net/bugs/1877023" + ], + "discovery": "EXTERNAL" + }, + "work_around": [] +} diff --git a/2020/15xxx/CVE-2020-15702.json b/2020/15xxx/CVE-2020-15702.json index 561159a19a2..3e83d6ac7ce 100644 --- a/2020/15xxx/CVE-2020-15702.json +++ b/2020/15xxx/CVE-2020-15702.json @@ -1,18 +1,114 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { + "AKA": "", + "ASSIGNER": "security@ubuntu.com", + "DATE_PUBLIC": "2020-08-04T21:00:00.000Z", "ID": "CVE-2020-15702", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "STATE": "PUBLIC", + "TITLE": "TOCTOU in apport" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "apport", + "version": { + "version_data": [ + { + "platform": "", + "version_affected": "<", + "version_name": "2.20.1", + "version_value": "2.20.1-0ubuntu2.24" + }, + { + "platform": "", + "version_affected": "<", + "version_name": "2.20.9", + "version_value": "2.20.9-0ubuntu7.16" + }, + { + "platform": "", + "version_affected": "<", + "version_name": "2.20.11", + "version_value": "2.20.11-0ubuntu27.6" + } + ] + } + } + ] + }, + "vendor_name": "Canonical" + } + ] + } + }, + "configuration": [], + "credit": [ + { + "lang": "eng", + "value": "Ryota Shiga" + } + ], + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "TOCTOU Race Condition vulnerability in apport allows a local attacker to escalate privileges and execute arbitrary code. An attacker may exit the crashed process and exploit PID recycling to spawn a root process with the same PID as the crashed process, which can then be used to escalate privileges. Fixed in 2.20.1-0ubuntu2.24, 2.20.9 versions prior to 2.20.9-0ubuntu7.16 and 2.20.11 versions prior to 2.20.11-0ubuntu27.6. Was ZDI-CAN-11234." } ] - } -} \ No newline at end of file + }, + "exploit": [], + "generator": { + "engine": "Vulnogram 0.0.9" + }, + "impact": { + "cvss": { + "attackComplexity": "HIGH", + "attackVector": "LOCAL", + "availabilityImpact": "HIGH", + "baseScore": 7, + "baseSeverity": "HIGH", + "confidentialityImpact": "HIGH", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H", + "version": "3.1" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://usn.ubuntu.com/4449-1", + "refsource": "CONFIRM", + "url": "https://usn.ubuntu.com/4449-1" + } + ] + }, + "solution": [], + "source": { + "advisory": "https://usn.ubuntu.com/4449-1", + "defect": [], + "discovery": "EXTERNAL" + }, + "work_around": [] +}