CVE-2023-1326

HIGH

Canonical Apport < 2.26.0 - Improper Privilege Management

Title source: rule

Description

A privilege escalation attack was found in apport-cli 2.26.0 and earlier which is similar to CVE-2023-26604. If a system is specially configured to allow unprivileged users to run sudo apport-cli, less is configured as the pager, and the terminal size can be set: a local attacker can escalate privilege. It is extremely unlikely that a system administrator would configure sudo to allow unprivileged users to perform this class of exploit.

Exploits (4)

nomisec WORKING POC 21 stars

by diego-tella · poc

https://github.com/diego-tella/CVE-2023-1326-PoC

View Code ZIP pw:eip

nomisec WORKING POC 1 stars

by h3x0v3rl0rd · poc

https://github.com/h3x0v3rl0rd/CVE-2023-1326

View Code ZIP pw:eip

nomisec WORKING POC

by cve-2024 · poc

https://github.com/cve-2024/CVE-2023-1326-PoC

View Code ZIP pw:eip

nomisec WORKING POC

by Pol-Ruiz · poc

https://github.com/Pol-Ruiz/CVE-2023-1326

View Code ZIP pw:eip

References (2)

Core 2

Core References

Patch patch

https://github.com/canonical/apport/commit/e5f78cc89f1f5888b6a56b785dddcb0364c48ecb

Vendor Advisory vendor-advisory

https://ubuntu.com/security/notices/USN-6018-1

Scores

CVSS v3 7.7

EPSS 0.0505

EPSS Percentile 89.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-269

Status published

Products (5)

canonical/apport < 2.26.0

canonical/ubuntu_linux 18.04

canonical/ubuntu_linux 20.04

canonical/ubuntu_linux 22.04

canonical/ubuntu_linux 22.10

Published Apr 13, 2023

Tracked Since Feb 18, 2026