CVE-2023-1326: 
Linux Ubuntu vulnerability analysis and mitigation

A privilege escalation vulnerability was discovered in apport-cli version 2.26.0 and earlier, tracked as CVE-2023-1326. The vulnerability is similar to CVE-2023-26604 and affects systems where unprivileged users are allowed to run sudo apport-cli, less is configured as the pager, and the terminal size can be set. The vulnerability was disclosed in April 2023 (MITRE CVE, Ubuntu Security).

The vulnerability exists in apport-cli's functionality when viewing crash reports. When using the view feature, it invokes the default pager (typically 'less'). If the binary is allowed to run as superuser via sudo, it does not properly drop elevated privileges when executing the pager, which can be exploited to access the file system with elevated privileges. The issue specifically occurs because apport-cli fails to execute sensible-pager as the original user when called via sudo or pkexec (GitHub Commit).

If successfully exploited, this vulnerability allows local attackers to escalate privileges to root level on affected systems. However, the impact is limited as it requires a specific system configuration where unprivileged users are allowed to run sudo apport-cli, which is an uncommon configuration in production environments (MITRE CVE).

The vulnerability has been patched in multiple Ubuntu versions: Ubuntu 22.10 (apport 2.23.1-0ubuntu3.2), Ubuntu 22.04 (apport 2.20.11-0ubuntu82.4), Ubuntu 20.04 (apport 2.20.11-0ubuntu27.26), and Ubuntu 18.04 (apport 2.20.9-0ubuntu7.29). System administrators should update their systems to these versions or later. Additionally, it's recommended to review and restrict sudo permissions for apport-cli (Ubuntu Security).