{"id":"CVE-2023-1326","details":"A privilege escalation attack was found in apport-cli 2.26.0 and earlier which is similar to CVE-2023-26604. If a system is specially configured to allow unprivileged users to run sudo apport-cli, less is configured as the pager, and the terminal size can be set: a local attacker can escalate privilege. It is extremely unlikely that a system administrator would configure sudo to allow unprivileged users to perform this class of exploit.","modified":"2026-04-10T04:56:45.710295Z","published":"2023-04-13T23:15:07.180Z","references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-6018-1"},{"type":"FIX","url":"https://github.com/canonical/apport/commit/e5f78cc89f1f5888b6a56b785dddcb0364c48ecb"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/canonical/apport","events":[{"introduced":"0"},{"last_affected":"e6a2a079d234222b4672a70dabce16c1bf0ddd3b"},{"fixed":"e5f78cc89f1f5888b6a56b785dddcb0364c48ecb"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"2.26.0"}]}}],"versions":["0.111","0.112","0.114","0.115","0.116","0.117","0.119","0.120","0.121","0.122","0.123","0.124","0.125","0.126","0.127","0.128","0.129","0.130","0.131","0.132","0.133","0.134","0.135","0.136","0.138","0.139","0.140","0.141","0.142","0.143","0.144","0.145","0.146","0.147","0.148","0.149","1.0","1.1","1.1.1","1.10","1.10.1","1.11","1.12","1.12.1","1.13","1.13.1","1.13.2","1.13.3","1.13.4","1.14","1.14.1","1.15","1.16","1.17","1.17.1","1.17.2","1.18","1.19","1.2.0","1.2.1","1.20","1.20.1","1.21","1.21.1","1.21.2","1.21.3","1.22","1.22.1","1.23","1.23.1","1.24","1.25","1.26","1.3","1.4","1.5","1.6","1.7","1.8","1.8.1","1.8.2","1.9","1.9.1","1.9.2","1.9.3","1.9.4","1.9.5","1.9.6","1.90","1.91","1.92","1.93","1.94","1.94.1","1.95","2.0","2.0.1","2.1","2.1.1","2.10","2.10.1","2.10.2","2.11","2.12","2.12.1","2.12.2","2.12.3","2.12.4","2.12.5","2.12.6","2.12.7","2.13","2.13.1","2.13.2","2.13.3","2.14","2.14.1","2.14.2","2.14.3","2.14.4","2.14.5","2.14.6","2.14.7","2.15","2.15.1","2.16","2.16.1","2.16.2","2.17","2.17.1","2.17.2","2.17.3","2.18","2.18.1","2.19","2.19.1","2.19.2","2.19.3","2.19.4","2.2","2.2.1","2.2.2","2.2.3","2.2.4","2.2.5","2.20","2.20.1","2.20.10","2.20.11","2.20.2","2.20.3","2.20.4","2.20.5","2.20.6","2.20.7","2.20.8","2.20.9","2.21.0","2.22.0","2.23.0","2.23.1","2.24.0","2.25.0","2.26.0","2.3","2.4","2.5","2.5.1","2.5.2","2.5.3","2.6","2.6.1","2.6.2","2.6.3","2.7","2.8","2.9","2.9.1","2.9.2"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-1326.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"18.04"}]},{"events":[{"introduced":"0"},{"last_affected":"20.04"}]},{"events":[{"introduced":"0"},{"last_affected":"22.04"}]},{"events":[{"introduced":"0"},{"last_affected":"22.10"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}