Apport Exploit Corrected in Ubuntu 13.10

On October 24, in a security notice, Canonical published details about an Apport vulnerability in its Ubuntu 13.10, Ubuntu 13.04, Ubuntu 12.10, and Ubuntu 12.04 LTS operating systems.

According to the company, Apport could have been made to expose privileged information.

It has been discovered that Apport set incorrect permissions on core dump files generated by setuid binaries. A local attacker could possibly use this issue to obtain privileged information.

For a more detailed description of the security problems, you can see Canonical's security notification.

The security flaws can be fixed if you upgrade your system(s) to the latest Apport package specific to each distribution. To apply the update, run the Update Manager application.

In general, a standard system update will make all the necessary changes and a restart is not required.