CVE-2023–1326 POC

This vulnerability is privilege escalation in apport-cli 2.26.0, similar to CVE-2023–26604, this vulnerability only works if assign in sudoers:

When execute less in the execution apport-cli, we can execute bash:

Execute apport-cli with parameter file bug:

Select any option:

And press key:

And Wait, now in this point:

In view report is where execute less:

Now execute:

!/bin/bash

References:

• https://security.snyk.io/vuln/SNYK-UBUNTU2210-APPORT-5422155
• https://vuldb.com/?id.225896