Sander Bos discovered Apport's lock file was in a world-writable directory which allowed all users to prevent crash handling.
The product properly checks for the existence of a lock, but the lock can be externally controlled or influenced by an actor that is outside of the intended sphere of control.
Link | Tags |
---|---|
https://usn.ubuntu.com/usn/usn-4171-1 | third party advisory |
https://usn.ubuntu.com/usn/usn-4171-2 | third party advisory |