Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2021-3899

Vulnerability Summary

Gerrit Venema discovered that Apport incorrectly handled user settings files. A local attacker could possibly use this issue to cause Apport to consume resources, leading to a denial of service. (CVE-2022-28652)

Vulnerability Trend

Vendor Advisories

Ubuntu Security Notice: USN-5427-1: Apport vulnerabilities
Several security issues were fixed in Apport ...

Github Repositories

https://github.com/liumuqing/CVE-2021-3899_PoC

race condition in apport lead to Local Privilege Escalation on Ubuntu

CVE-2021-3899 PoC Reproduce Install an older version of apport: sudo apt-get install apport=22011-0ubuntu27 (any version <= 22011-0ubuntu2710 is fine, but you have to download the source code) (optional) set small pid_max otherwise it will take a longer time to prepare for pid rollback echo 10000 | sudo tee /proc/sys/kernel/pid_max allow anybody to run ping as ro

References

https://ubuntu.com/security/notices/USN-5427-1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654CVE-2024-2757authentication bypassCVE-2024-3194CVE-2024-33640CVE-2024-21111dosinsecure direct object referenceCVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook