Nixpkgs Security Tracker

Untriaged

Permalink CVE-2015-1341

created 1 month ago

Apport privilege escalation through Python module imports

Any Python module in sys.path can be imported if the command line of the process triggering the coredump is Python and the first argument is -m in Apport before 2.19.2 function _python_module_path.

References

https://launchpad.net/apport/trunk/2.19.2 x_refsource_MISC
https://usn.ubuntu.com/2782-1/ x_refsource_MISC
https://launchpad.net/apport/trunk/2.19.2 x_refsource_MISC x_transferred
https://usn.ubuntu.com/2782-1/ x_refsource_MISC x_transferred
https://launchpad.net/apport/trunk/2.19.2 x_refsource_MISC
https://usn.ubuntu.com/2782-1/ x_refsource_MISC
https://launchpad.net/apport/trunk/2.19.2 x_refsource_MISC x_transferred
https://usn.ubuntu.com/2782-1/ x_refsource_MISC x_transferred
https://launchpad.net/apport/trunk/2.19.2 x_refsource_MISC
https://usn.ubuntu.com/2782-1/ x_refsource_MISC
https://launchpad.net/apport/trunk/2.19.2 x_refsource_MISC x_transferred
https://usn.ubuntu.com/2782-1/ x_refsource_MISC x_transferred

Affected products

Apport

<2.19.2
<2.19.1-0ubuntu4
<2.0.1-0ubuntu17.13
<2.14.1-0ubuntu3.18
<2.17.2-0ubuntu1.7

Matching in nixpkgs

pkgs.haskellPackages.apportionment

Round a set of numbers while maintaining its sum

nixos-unstable 0.0.0.4
- nixpkgs-unstable 0.0.0.4
- nixos-unstable-small 0.0.0.4
nixos-25.11 0.0.0.4
- nixos-25.11-small 0.0.0.4
- nixpkgs-25.11-darwin 0.0.0.4

Package maintainers

@thielema Henning Thielemann <nix@henning-thielemann.de>

Suggestion detail

References

Affected products

Matching in nixpkgs

pkgs.haskellPackages.apportionment

Package maintainers