CVE-2021-32554

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg package apport hooks, it could expose private data to other local users.
References
Link Resource
https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1917904 Issue Tracking Vendor Advisory
Configurations

Configuration 1

cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:20.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:21.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:21.04:*:*:*:lts:*:*:*

Information

Published : 2021-06-12 04:15

Updated : 2021-06-16 01:14


NVD link : CVE-2021-32554

Mitre link : CVE-2021-32554

Products Affected
No products.
CWE