Whoopsie-daisy: Chaining accidental features of Ubuntu’s crash reporter to get Local Privilege Escalation

This post summarizes several security vulnerabilities in Ubuntu’s crash reporting system: CVE-2019-7307, CVE-2019-11476, CVE-2019-11481, CVE-2019-11484, CVE-2019-15790. When chained together,...

By Nebula Pioneer · March 16, 2026 · 1 min read

Whoopsie-daisy: Chaining accidental features of Ubuntu’s crash reporter to get Local Privilege Escalation

security
vulnerability research
github security lab
ubuntu
vulnerability research

Source: The GitHub Blog

This post summarizes several security vulnerabilities in Ubuntu’s crash reporting system: CVE-2019-7307, CVE-2019-11476, CVE-2019-11481, CVE-2019-11484, CVE-2019-15790. When chained together, they allow an unprivileged user to read arbitrary files on the system.