Description
There is a race condition in the 'replaced executable' detection that, with the correct local configuration, allow an attacker to execute arbitrary code as root.
Published: 2024-06-03
Score: 7.8 High
EPSS: 2.9% Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

No analysis available yet.

Remediation

No remediation available yet.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Ubuntu USN Ubuntu USN USN-5427-1 Apport vulnerabilities
Ubuntu USN Ubuntu USN USN-6894-1 Apport vulnerabilities
History

Tue, 26 Aug 2025 17:30:00 +0000

Type Values Removed Values Added
First Time appeared Canonical
Canonical apport
Canonical ubuntu Linux
CPEs cpe:2.3:a:canonical:apport:*:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:21.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts:*:*:*
Vendors & Products Canonical
Canonical apport
Canonical ubuntu Linux

Sat, 12 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.02053}

 epss

{'score': 0.02678}

Mon, 19 Aug 2024 15:00:00 +0000

Type Values Removed Values Added
Weaknesses CWE-367
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

Subscriptions

Canonical Apport Ubuntu Linux
cve-icon MITRE

Status: PUBLISHED

Assigner: canonical

Published:

Updated: 2024-08-19T14:10:41.358Z

Reserved: 2021-10-23T01:51:35.297Z

Link: CVE-2021-3899

cve-icon Vulnrichment

Updated: 2024-08-03T17:09:09.767Z

cve-icon NVD

Status : Analyzed

Published: 2024-06-03T19:15:08.940

Modified: 2025-08-26T17:21:04.500

Link: CVE-2021-3899

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.

Weaknesses