whoopsie-daisy: Ubuntu crash reporter exploit (CVE-2019-11484, CVE-2019-15790)

Video of a proof-of-concept exploit for Ubuntu&crash reporting system, written by GitHub security researcher Kevin Backhouse. The exploit uses a heap buffer overflow vulnerability in whoopsie (CVE-2019-11484) and an information disclosure vulnerability in Apport (CVE-2019-15790) to get a shell as the whoopsie user. In the voice-over, Kevin Backhouse explains what&happening.