CVE-2023-1326

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2023-1326
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-1326.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-1326
Downstream
Published
2023-04-13T23:15:07.180Z
Modified
2026-04-10T04:56:45.710295Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

A privilege escalation attack was found in apport-cli 2.26.0 and earlier which is similar to CVE-2023-26604. If a system is specially configured to allow unprivileged users to run sudo apport-cli, less is configured as the pager, and the terminal size can be set: a local attacker can escalate privilege. It is extremely unlikely that a system administrator would configure sudo to allow unprivileged users to perform this class of exploit.

References

Affected packages

Git / github.com/canonical/apport

Affected ranges

Type
GIT
Repo
https://github.com/canonical/apport
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e6a2a079d234222b4672a70dabce16c1bf0ddd3b
Fixed
e5f78cc89f1f5888b6a56b785dddcb0364c48ecb
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "2.26.0"
        }
    ]
}

Affected versions

0.*
0.111
0.112
0.114
0.115
0.116
0.117
0.119
0.120
0.121
0.122
0.123
0.124
0.125
0.126
0.127
0.128
0.129
0.130
0.131
0.132
0.133
0.134
0.135
0.136
0.138
0.139
0.140
0.141
0.142
0.143
0.144
0.145
0.146
0.147
0.148
0.149
1.*
1.0
1.1
1.1.1
1.10
1.10.1
1.11
1.12
1.12.1
1.13
1.13.1
1.13.2
1.13.3
1.13.4
1.14
1.14.1
1.15
1.16
1.17
1.17.1
1.17.2
1.18
1.19
1.2.0
1.2.1
1.20
1.20.1
1.21
1.21.1
1.21.2
1.21.3
1.22
1.22.1
1.23
1.23.1
1.24
1.25
1.26
1.3
1.4
1.5
1.6
1.7
1.8
1.8.1
1.8.2
1.9
1.9.1
1.9.2
1.9.3
1.9.4
1.9.5
1.9.6
1.90
1.91
1.92
1.93
1.94
1.94.1
1.95
2.*
2.0
2.0.1
2.1
2.1.1
2.10
2.10.1
2.10.2
2.11
2.12
2.12.1
2.12.2
2.12.3
2.12.4
2.12.5
2.12.6
2.12.7
2.13
2.13.1
2.13.2
2.13.3
2.14
2.14.1
2.14.2
2.14.3
2.14.4
2.14.5
2.14.6
2.14.7
2.15
2.15.1
2.16
2.16.1
2.16.2
2.17
2.17.1
2.17.2
2.17.3
2.18
2.18.1
2.19
2.19.1
2.19.2
2.19.3
2.19.4
2.2
2.2.1
2.2.2
2.2.3
2.2.4
2.2.5
2.20
2.20.1
2.20.10
2.20.11
2.20.2
2.20.3
2.20.4
2.20.5
2.20.6
2.20.7
2.20.8
2.20.9
2.21.0
2.22.0
2.23.0
2.23.1
2.24.0
2.25.0
2.26.0
2.3
2.4
2.5
2.5.1
2.5.2
2.5.3
2.6
2.6.1
2.6.2
2.6.3
2.7
2.8
2.9
2.9.1
2.9.2

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-1326.json"
unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "18.04"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "20.04"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "22.04"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "22.10"
            }
        ]
    }
]