Explore top 10 tips to secure your open-source projects now. Read More
×USN-7545-1 introduced a regression in Apport. ========================================================================== Ubuntu Security Notice USN-7545-4 August 04, 2025 apport regression ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: USN-7545-1 introduced a regression in Apport Software Description: - apport: automatically generate crash reports for debugging Details: USN-7545-1 fixed vulnerabilities in Apport. The update incorrectly handled logging if a crashing process was killed while Apport was analyzing it. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Qualys discovered that Apport incorrectly handled metadata when processing application crashes. An attacker could possibly use this issue to leak sensitive information. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS apport 2.20.11-0ubuntu82.10 python3-apport 2.20.11-0ubuntu82.10 Ubuntu 20.04 LTS apport 2.20.11-0ubuntu27.31 python3-apport 2.20.11-0ubuntu27.31 Ubuntu 18.04 LTS apport 2.20.9-0ubuntu7.29+esm4 Available with Ubuntu Pro python-apport 2.20.9-0ubuntu7.29+esm4 Available with Ubuntu Pro python3-apport 2.20.9-0ubuntu7.29+esm4 Available with Ubuntu Pro Ubuntu 16.04 LTS apport 2.20.1-0ubuntu2.30+esm8 Available with Ubuntu Pro python-apport 2.20.1-0ubuntu2.30+esm8 Available with Ubuntu Pro python3-apport 2.20.1-0ubuntu2.30+esm8 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7545-4 https://ubuntu.com/security/notices/USN-7545-2 https://ubuntu.com/security/notices/USN-7545-3 https://ubuntu.com/security/notices/USN-7545-4 https://bugs.launchpad.net/ubuntu/+source/apport/+bug/2117236 Package Information: https://launchpad.net/ubuntu/+source/apport/2.20.11-0ubuntu82.10 https://launchpad.net/ubuntu/+source/apport/2.20.11-0ubuntu27.31 . The Aprior patch on Ubuntu may expose confidential details, implement an upgrade to address vulnerabilities and bolster overall system defense.. Ubuntu Apport Regression, Apport Update, Ubuntu Security Notice, Information Leak Mitigation, Apport Vulnerability. . Severity: Important. LinuxSecurity.com Team
USN-7545-1 introduced a regression in Apport. ========================================================================== Ubuntu Security Notice USN-7545-3 July 14, 2025 apport regression ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 25.04 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: USN-7545-1 introduced a regression in Apport Software Description: - apport: automatically generate crash reports for debugging Details: USN-7545-1 fixed vulnerabilities in Apport. The update introduced a regression that raised an error if a crashing process was killed while Apport was analyzing it. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Qualys discovered that Apport incorrectly handled metadata when processing application crashes. An attacker could possibly use this issue to leak sensitive information. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 25.04 apport 2.32.0-0ubuntu5.3 python3-apport 2.32.0-0ubuntu5.3 Ubuntu 24.04 LTS apport 2.28.1-0ubuntu3.8 python3-apport 2.28.1-0ubuntu3.8 Ubuntu 22.04 LTS apport 2.20.11-0ubuntu82.9 python3-apport 2.20.11-0ubuntu82.9 Ubuntu 20.04 LTS apport 2.20.11-0ubuntu27.30 python3-apport 2.20.11-0ubuntu27.30 Ubuntu 18.04 LTS apport 2.20.9-0ubuntu7.29+esm3 Available with Ubuntu Pro python-apport 2.20.9-0ubuntu7.29+esm3 Available with Ubuntu Pro python3-apport 2.20.9-0ubuntu7.29+esm3 Available with Ubuntu Pro Ubuntu 16.04 LTS apport 2.20.1-0ubuntu2.30+esm7 Available with Ubuntu Pro python-apport 2.20.1-0ubuntu2.30+esm7 Available with Ubuntu Pro python3-apport 2.20.1-0ubuntu2.30+esm7 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. Package Information: https://launchpad.net/ubuntu/+source/apport/2.32.0-0ubuntu5.3 https://launchpad.net/ubuntu/+source/apport/2.28.1-0ubuntu3.8 https://launchpad.net/ubuntu/+source/apport/2.20.11-0ubuntu82.9 https://launchpad.net/ubuntu/+source/apport/2.20.11-0ubuntu27.30 . Upgrade Apport in Ubuntu distributions to resolve a bug that caused issues during crash analysis and inadvertently exposed confidential information.. Apport regression, Ubuntu update, crash report vulnerability, sensitive data leak. . Severity: Critical. LinuxSecurity.com Team
USN-7545-1 introduced a regression in Apport.. ========================================================================== Ubuntu Security Notice USN-7545-2 June 09, 2025 apport regression ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 25.04 - Ubuntu 24.10 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: USN-7545-1 introduced a regression in Apport. Software Description: - apport: automatically generate crash reports for debugging Details: USN-7545-1 fixed a vulnerability in Apport. The update introduced a regression that prevented core dumps from being generated inside containers. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Qualys discovered that Apport incorrectly handled metadata when processing application crashes. An attacker could possibly use this issue to leak sensitive information. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 25.04 apport 2.32.0-0ubuntu5.2 python3-apport 2.32.0-0ubuntu5.2 Ubuntu 24.10 apport 2.30.0-0ubuntu4.4 python3-apport 2.30.0-0ubuntu4.4 Ubuntu 24.04 LTS apport 2.28.1-0ubuntu3.7 python3-apport 2.28.1-0ubuntu3.7 Ubuntu 22.04 LTS apport 2.20.11-0ubuntu82.8 python3-apport 2.20.11-0ubuntu82.8 Ubuntu 20.04 LTS apport 2.20.11-0ubuntu27.29 python3-apport 2.20.11-0ubuntu27.29 Ubuntu 18.04 LTS apport 2.20.9-0ubuntu7.29+esm2 Available with Ubuntu Pro python-apport 2.20.9-0ubuntu7.29+esm2 Available with Ubuntu Pro python3-apport 2.20.9-0ubuntu7.29+esm2 Available with Ubuntu Pro Ubuntu 16.04 LTS apport 2.20.1-0ubuntu2.30+esm6 Available with Ubuntu Pro python-apport 2.20.1-0ubuntu2.30+esm6 Available with Ubuntu Pro python3-apport 2.20.1-0ubuntu2.30+esm6 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. Package Information: https://launchpad.net/ubuntu/+source/apport/2.32.0-0ubuntu5.2 https://launchpad.net/ubuntu/+source/apport/2.30.0-0ubuntu4.4 https://launchpad.net/ubuntu/+source/apport/2.28.1-0ubuntu3.7 https://launchpad.net/ubuntu/+source/apport/2.20.11-0ubuntu82.8 https://launchpad.net/ubuntu/+source/apport/2.20.11-0ubuntu27.29 . The apport tool in various Ubuntu LTS iterations has been updated to close potential vulnerabilities that could facilitate data exposure. Maintain your system's integrity!. Ubuntu Apport Regression, Security Updates, Linux Software Issues. . Severity: Critical. LinuxSecurity.com Team
Apport could be made to leak sensitive information.. ========================================================================== Ubuntu Security Notice USN-7545-1 May 29, 2025 apport vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 25.04 - Ubuntu 24.10 - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: Apport could be made to leak sensitive information. Software Description: - apport: automatically generate crash reports for debugging Details: Qualys discovered that Apport incorrectly handled metadata when processing application crashes. An attacker could possibly use this issue to leak sensitive information. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 25.04 apport 2.32.0-0ubuntu5.1 python3-apport 2.32.0-0ubuntu5.1 Ubuntu 24.10 apport 2.30.0-0ubuntu4.3 python3-apport 2.30.0-0ubuntu4.3 Ubuntu 24.04 LTS apport 2.28.1-0ubuntu3.6 python3-apport 2.28.1-0ubuntu3.6 Ubuntu 22.04 LTS apport 2.20.11-0ubuntu82.7 python3-apport 2.20.11-0ubuntu82.7 Ubuntu 20.04 LTS apport 2.20.11-0ubuntu27.28 python3-apport 2.20.11-0ubuntu27.28 Ubuntu 18.04 LTS apport 2.20.9-0ubuntu7.29+esm1 Available with Ubuntu Pro python-apport 2.20.9-0ubuntu7.29+esm1 Available with Ubuntu Pro python3-apport 2.20.9-0ubuntu7.29+esm1 Available with Ubuntu Pro Ubuntu 16.04 LTS apport 2.20.1-0ubuntu2.30+esm5 Available with Ubuntu Pro python-apport 2.20.1-0ubuntu2.30+esm5 Available with Ubuntu Pro python3-apport 2.20.1-0ubuntu2.30+esm5 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7545-1 CVE-2025-5054 Package Information: https://launchpad.net/ubuntu/+source/apport/2.32.0-0ubuntu5.1 https://launchpad.net/ubuntu/+source/apport/2.30.0-0ubuntu4.3 https://launchpad.net/ubuntu/+source/apport/2.28.1-0ubuntu3.6 https://launchpad.net/ubuntu/+source/apport/2.20.11-0ubuntu82.7 https://launchpad.net/ubuntu/+source/apport/2.20.11-0ubuntu27.28 . Correction for Apport system resulting in unintended exposure of confidential data in various Ubuntu versions. Urgent update advised for improved security measures.. apport security, sensitive data leak, Ubuntu vulnerability. . Severity: Critical. LinuxSecurity.com Team
Several security issues were fixed in Apport.. ========================================================================== Ubuntu Security Notice USN-6894-1 July 11, 2024 apport vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 LTS Summary: Several security issues were fixed in Apport. Software Description: - apport: automatically generate crash reports for debugging Details: Muqing Liu and neoni discovered that Apport incorrectly handled detecting if an executable was replaced after a crash. A local attacker could possibly use this issue to execute arbitrary code as the root user. (CVE-2021-3899) Gerrit Venema discovered that Apport incorrectly handled connections to Apport sockets inside containers. A local attacker could possibly use this issue to connect to arbitrary sockets as the root user. (CVE-2022-1242) Gerrit Venema discovered that Apport incorrectly handled user settings files. A local attacker could possibly use this issue to cause Apport to consume resources, leading to a denial of service. (CVE-2022-28652) Gerrit Venema discovered that Apport did not limit the amount of logging from D-Bus connections. A local attacker could possibly use this issue to fill up the Apport log file, leading to a denial of service. (CVE-2022-28654) Gerrit Venema discovered that Apport did not filter D-Bus connection strings. A local attacker could possibly use this issue to cause Apport to make arbitrary network connections. (CVE-2022-28655) Gerrit Venema discovered that Apport did not limit the amount of memory being consumed during D-Bus connections. A local attacker could possibly use this issue to cause Apport to consume memory, leading to a denial of service. (CVE-2022-28656) Gerrit Venema discovered that Apport did not disable the python crash handler before chrooting into a container. A local attacker could possibly use thisissue to execute arbitrary code. (CVE-2022-28657) Gerrit Venema discovered that Apport incorrectly handled filename argument whitespace. A local attacker could possibly use this issue to spoof arguments to the Apport daemon. (CVE-2022-28658) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS apport 2.20.1-0ubuntu2.30+esm4 Available with Ubuntu Pro python-apport 2.20.1-0ubuntu2.30+esm4 Available with Ubuntu Pro python3-apport 2.20.1-0ubuntu2.30+esm4 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-6894-1 https://ubuntu.com/security/notices/USN-5427-1 CVE-2021-3899, CVE-2022-1242, CVE-2022-28652, CVE-2022-28654, CVE-2022-28655, CVE-2022-28656, CVE-2022-28657, CVE-2022-28658 . Multiple vulnerabilities in the system monitor tool were mitigated in Fedora to avert possible exploit attempts, including denial of service scenarios.. Apport Updates, Ubuntu 16.04 Security, Remote Code Execution, Denial of Service, Security Issues. . LinuxSecurity.com Team
Apport could be used to escalate privilege on specially configured systems.. =========================================================================Ubuntu Security Notice USN-6018-1 April 13, 2023 apport vulnerability ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.10 - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS Summary: Apport could be used to escalate privilege on specially configured systems. Software Description: - apport: automatically generate crash reports for debugging Details: Chen Lu, Lei Wang, and YiQi Sun discovered a privilege escalation vulnerability in apport-cli when viewing crash reports and unprivileged users are allowed to run sudo less. A local attacker on a specially configured system could use this to escalate their privilege. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.10: apport 2.23.1-0ubuntu3.2 Ubuntu 22.04 LTS: apport 2.20.11-0ubuntu82.4 Ubuntu 20.04 LTS: apport 2.20.11-0ubuntu27.26 Ubuntu 18.04 LTS: apport 2.20.9-0ubuntu7.29 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-6018-1 CVE-2023-1326, https://bugs.launchpad.net/ubuntu/+source/apport/+bug/2016023 Package Information: https://launchpad.net/ubuntu/+source/apport/2.23.1-0ubuntu3.2 https://launchpad.net/ubuntu/+source/apport/2.20.11-0ubuntu82.4 https://launchpad.net/ubuntu/+source/apport/2.20.11-0ubuntu27.26 https://launchpad.net/ubuntu/+source/apport/2.20.9-0ubuntu7.29 . A security flaw in the networking stack may enable privilege escalation on uniquely set up Debian systems. Ensure updates are applied immediately for safety.. Apport Escalate Privilege Ubuntu Security Update. . Severity: Important. LinuxSecurity.com Team
Several security issues were fixed in Apport.. =========================================================================Ubuntu Security Notice USN-5427-1 May 17, 2022 apport vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 22.04 LTS - Ubuntu 21.10 - Ubuntu 20.04 LTS - Ubuntu 18.04 LTS Summary: Several security issues were fixed in Apport. Software Description: - apport: automatically generate crash reports for debugging Details: Muqing Liu and neoni discovered that Apport incorrectly handled detecting if an executable was replaced after a crash. A local attacker could possibly use this issue to execute arbitrary code as the root user. (CVE-2021-3899) Gerrit Venema discovered that Apport incorrectly handled connections to Apport sockets inside containers. A local attacker could possibly use this issue to connect to arbitrary sockets as the root user. (CVE-2022-1242) Gerrit Venema discovered that Apport incorrectly handled user settings files. A local attacker could possibly use this issue to cause Apport to consume resources, leading to a denial of service. (CVE-2022-28652) Gerrit Venema discovered that Apport did not limit the amount of logging from D-Bus connections. A local attacker could possibly use this issue to fill up the Apport log file, leading to denial of service. (CVE-2022-28654) Gerrit Venema discovered that Apport did not filter D-Bus connection strings. A local attacker could possibly use this issue to cause Apport to make arbitrary network connections. (CVE-2022-28655) Gerrit Venema discovered that Apport did not limit the amount of memory being consumed during D-Bus connections. A local attacker could possibly use this issue to cause Apport to consume memory, leading to a denial of service. (CVE-2022-28656) Gerrit Venema discovered that Apport did not disable the python crash handler before chrooting into acontainer. A local attacker could possibly use this issue to execute arbitrary code. (CVE-2022-28657) Gerrit Venema discovered that Apport incorrectly handled filename argument whitespace. A local attacker could possibly use this issue to spoof arguments to the Apport daemon. (CVE-2022-28658) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 22.04 LTS: apport 2.20.11-0ubuntu82.1 python3-apport 2.20.11-0ubuntu82.1 Ubuntu 21.10: apport 2.20.11-0ubuntu71.2 python3-apport 2.20.11-0ubuntu71.2 Ubuntu 20.04 LTS: apport 2.20.11-0ubuntu27.24 python3-apport 2.20.11-0ubuntu27.24 Ubuntu 18.04 LTS: apport 2.20.9-0ubuntu7.28 python3-apport 2.20.9-0ubuntu7.28 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-5427-1 CVE-2021-3899, CVE-2022-1242, CVE-2022-28652, CVE-2022-28654, CVE-2022-28655, CVE-2022-28656, CVE-2022-28657, CVE-2022-28658 Package Information: https://launchpad.net/ubuntu/+source/apport/2.20.11-0ubuntu82.1 https://launchpad.net/ubuntu/+source/apport/2.20.11-0ubuntu71.2 https://launchpad.net/ubuntu/+source/apport/2.20.11-0ubuntu27.24 https://launchpad.net/ubuntu/+source/apport/2.20.9-0ubuntu7.28 . Multiple vulnerabilities in the Apport tool have been addressed with the recent updates across various Ubuntu versions.. Ubuntu Security, Apport Issues, Software Update. . Severity: Critical. LinuxSecurity.com Team
Apport could be made to create files as the administrator.. =========================================================================Ubuntu Security Notice USN-5122-2 October 26, 2021 apport vulnerability ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 ESM - Ubuntu 14.04 ESM Summary: Apport could be made to create files as the administrator. Software Description: - apport: automatically generate crash reports for debugging Details: USN-5122-1 fixed a vulnerability in Apport. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that Apport could be tricked into writing core files as root into arbitrary directories in certain scenarios. A local attacker could possibly use this issue to escalate privileges. On Ubuntu 16.04 ESM This update will cause Apport to generate all core files in the /var/lib/apport/coredump directory. On Ubuntu 14.04 ESM, core file generation has been disabled by default. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 ESM: apport 2.20.1-0ubuntu2.30+esm3 python3-apport 2.20.1-0ubuntu2.30+esm3 Ubuntu 14.04 ESM: apport 2.14.1-0ubuntu3.29+esm9 python3-apport 2.14.1-0ubuntu3.29+esm9 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-5122-2 https://ubuntu.com/security/notices/USN-5122-1 https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1948657 . The Apport weakness identified in various Ubuntu versions enables unauthorized file generation with elevated privileges. It's crucial to mitigate this security flaw without delay.. Apport Vulnerability, Ubuntu Security, File Creation Escalation, Update Ubuntu, Linux Security Advisory. . Severity:Important. LinuxSecurity.com Team
Get the latest Linux and open source security news straight to your inbox.