CVE-2023-1326
Published: 13 April 2023
Summary
CVE-2023-1326 is a high-severity Improper Privilege Management (CWE-269) vulnerability in Canonical Ubuntu Linux. Its CVSS base score is 7.7 (High).
Operationally, ranked in the top 9.6% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
The vulnerability CVE-2023-1326 is a privilege escalation flaw affecting apport-cli versions 2.26.0 and earlier. It occurs under a specific configuration that permits unprivileged users to invoke the tool via sudo while using less as the pager and allowing terminal size manipulation, enabling behavior comparable to the earlier CVE-2023-26604 issue.
A local attacker who can execute apport-cli under sudo may leverage the pager to run arbitrary commands, resulting in elevated privileges with impacts across confidentiality, integrity, and availability.
Ubuntu addressed the issue through security notice USN-6018-1, and a corresponding fix was merged in the apport repository via commit e5f78cc89f1f5888b6a56b785dddcb0364c48ecb.
The associated EPSS score has remained flat at 0.0549 with no material rise after disclosure.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2023-23584
Vulnerability details
A privilege escalation attack was found in apport-cli 2.26.0 and earlier which is similar to CVE-2023-26604. If a system is specially configured to allow unprivileged users to run sudo apport-cli, less is configured as the pager, and the terminal size…
more
can be set: a local attacker can escalate privilege. It is extremely unlikely that a system administrator would configure sudo to allow unprivileged users to perform this class of exploit.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Policy addresses roles, responsibilities, and privilege management to prevent improper privilege assignments.
Access supervision ensures privileges are assigned and managed without improper escalation or retention.
Assigning group/role memberships and access authorizations (privileges) while reviewing accounts addresses improper privilege management.
Enforces proper privilege management by requiring all decisions through the verified reference monitor.
By mandating division of duties across roles, the control enforces proper privilege management and prevents a single entity from controlling an entire sensitive process.
Implements core proper privilege management by restricting to only required rights.
Policy requires training on privilege management and least privilege, making it harder to exploit improper privilege management weaknesses.
Training covers proper privilege management practices, making incorrect privilege assignments less likely.