There is a race condition in the replaced executable detection that, with the correct local configuration, allow an attacker to execute arbitrary code as root.
The product checks the state of a resource before using that resource, but the resource’s state can change between the check and the use in a way that invalidates the results of the check.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Apport | Canonical | * | 2.21.0 (excluding) |
| Apport | Ubuntu | bionic | * |
| Apport | Ubuntu | devel | * |
| Apport | Ubuntu | esm-infra-legacy/trusty | * |
| Apport | Ubuntu | esm-infra/bionic | * |
| Apport | Ubuntu | esm-infra/focal | * |
| Apport | Ubuntu | esm-infra/xenial | * |
| Apport | Ubuntu | focal | * |
| Apport | Ubuntu | hirsute | * |
| Apport | Ubuntu | impish | * |
| Apport | Ubuntu | jammy | * |
| Apport | Ubuntu | kinetic | * |
| Apport | Ubuntu | lunar | * |
| Apport | Ubuntu | mantic | * |
| Apport | Ubuntu | noble | * |
| Apport | Ubuntu | oracular | * |
| Apport | Ubuntu | plucky | * |
| Apport | Ubuntu | questing | * |
| Apport | Ubuntu | trusty/esm | * |
| Apport | Ubuntu | upstream | * |