[USN-5122-1] Apport vulnerability

========================================================================== Ubuntu Security Notice USN-5122-1 October 25, 2021
apport vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 21.10 – Ubuntu 21.04 – Ubuntu 20.04 LTS – Ubuntu 18.04 LTS
Summary:
Apport could be made to create files as the administrator.
Software Description: – apport: automatically generate crash reports for debugging
Details:
It was discovered that Apport could be tricked into writing core files as root into arbitrary directories in certain scenarios. A local attacker could possibly use this issue to escalate privileges. This update will cause Apport to generate all core files in the /var/lib/apport/coredump directory.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 21.10: apport 2.20.11-0ubuntu71 python3-apport 2.20.11-0ubuntu71
Ubuntu 21.04: apport 2.20.11-0ubuntu65.4 python3-apport 2.20.11-0ubuntu65.4
Ubuntu 20.04 LTS: apport 2.20.11-0ubuntu27.21 python3-apport 2.20.11-0ubuntu27.21
Ubuntu 18.04 LTS: apport 2.20.9-0ubuntu7.27 python3-apport 2.20.9-0ubuntu7.27
In general, a standard system update will make all the necessary changes.
References: ubuntu.com/security/notices/USN-5122-1 launchpad.net/bugs/1948657
Package Information: launchpad.net/ubuntu/+source/apport/2.20.11-0ubuntu71 launchpad.net/ubuntu/+source/apport/2.20.11-0ubuntu65.4 launchpad.net/ubuntu/+source/apport/2.20.11-0ubuntu27.21 launchpad.net/ubuntu/+source/apport/2.20.9-0ubuntu7.27