CVE-2021-25684
apport can be stalled by reading a FIFO
In short
Apport, a tool that collects crash reports on Linux systems, can be stalled indefinitely when it tries to read a specially crafted FIFO (named pipe) file. An attacker could exploit this to freeze the crash reporting system and prevent security incident investigation.
Technical detail
Apport fails to implement proper file handling when opening report files, making it vulnerable to denial of service via FIFO blocking. An unprivileged attacker can create a malicious FIFO that causes the apport daemon to hang on read operations, disrupting crash report collection and system diagnostics. Impact includes unavailability of crash analysis and potential security monitoring gaps.
Summary generated and translated by AI from the official description.
It was discovered that apport in data/apport did not properly open a report file to prevent hanging reads on a FIFO.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
Affected products
Canonical · apportWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →