CVE-2019-11485: 
Linux Ubuntu vulnerability analysis and mitigation

CVE-2019-11485 is a security vulnerability discovered by Sander Bos in Apport, Ubuntu's crash handling system. The vulnerability was identified in April 2019 and involves Apport's lock file being placed in a world-writable directory. This vulnerability affects multiple versions of Ubuntu including 19.10, 19.04, 18.04 LTS, 16.04 LTS, and 14.04 LTS (Ubuntu Security).

The vulnerability stems from Apport's mishandling of lock-file creation, where the lock file was placed in a world-writable directory. The vulnerability has been assigned a CVSS 3.1 Base Score of 3.3 (Low), with the following characteristics: Attack Vector: Local, Attack Complexity: Low, Privileges Required: Low, User Interaction: None, Scope: Unchanged, Confidentiality: None, Integrity: None, Availability: Low (Ubuntu Security).

The vulnerability could be exploited by a local attacker to cause a denial of service against Apport, effectively preventing crash handling functionality (Ubuntu Notice).

The vulnerability has been fixed in multiple Ubuntu releases with the following package versions: Ubuntu 19.10 (2.20.11-0ubuntu8.1), Ubuntu 19.04 (2.20.10-0ubuntu27.2), Ubuntu 18.04 (2.20.9-0ubuntu7.8), Ubuntu 16.04 (2.20.1-0ubuntu2.20), and Ubuntu 14.04 (2.14.1-0ubuntu3.29+esm2). Users are advised to perform a standard system update to apply the necessary fixes (Ubuntu Notice).