CVE-2015-1324
published 2017-08-25CVE-2015-1324: Apport before 2.17.2-0ubuntu1.1 as packaged in Ubuntu 15.04, before 2.14.70ubuntu8.5 as packaged in Ubuntu 14.10, before 2.14.1-0ubuntu3.11 as packaged in…
PriorityP340high7.8CVSS 3.0
AVLACLPRLUINSUCHIHAH
EPSS
0.36%
27.4th percentile
Apport before 2.17.2-0ubuntu1.1 as packaged in Ubuntu 15.04, before 2.14.70ubuntu8.5 as packaged in Ubuntu 14.10, before 2.14.1-0ubuntu3.11 as packaged in Ubuntu 14.04 LTS, and before 2.0.1-0ubuntu17.9 as packaged in Ubuntu 12.04 LTS allow local users to write to arbitrary files and gain root privileges by leveraging incorrect handling of permissions when generating core dumps for setuid binaries.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apport_project | apport | <= 2.20.7 | — |
| apport_project | apport | >= 0 < 2.14.1-0ubuntu3.11 | 2.14.1-0ubuntu3.11 |
| apport_project | apport | >= 0 < 2.14.1-0ubuntu3.27 | 2.14.1-0ubuntu3.27 |
| apport_project | apport | >= 0 < 2.20.1-0ubuntu2.12 | 2.20.1-0ubuntu2.12 |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
CVSS provenance
nvdv3.07.8HIGHCVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.07.2HIGHAV:L/AC:L/Au:N/C:C/I:C/A:C
osv7.8HIGH
vendor_ubuntu7.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Ubuntu
Apport vulnerabilities
vendor_ubuntu·2015-05-21·CVSS 7.8
CVE-2015-1324 [HIGH] Apport vulnerabilities
Title: Apport vulnerabilities
Summary: Apport could be tricked into creating arbitrary files as an administrator,
resulting in privilege escalation.
Sander Bos discovered that Apport incorrectly handled permissions when
the system was configured to generate core dumps for setuid binaries. A
local attacker could use this issue to gain elevated privileges.
(CVE-2015-1324)
Philip Pettersson discovered that Apport contained race conditions
resulting core dumps to be generated with incorrect permissions in
arbitrary locations. A local attacker could use this issue to gain elevated
privileges. (CVE-2015-1325)
Instructions: In general, a standard system update will make all the necessary changes.
GHSA
GHSA-frh2-w2hj-959j: Apport before 2
ghsa_unreviewed·2022-05-17
CVE-2015-1324 [HIGH] GHSA-frh2-w2hj-959j: Apport before 2
Apport before 2.17.2-0ubuntu1.1 as packaged in Ubuntu 15.04, before 2.14.70ubuntu8.5 as packaged in Ubuntu 14.10, before 2.14.1-0ubuntu3.11 as packaged in Ubuntu 14.04 LTS, and before 2.0.1-0ubuntu17.9 as packaged in Ubuntu 12.04 LTS allow local users to write to arbitrary files and gain root privileges by leveraging incorrect handling of permissions when generating core dumps for setuid binaries.
GHSA
GHSA-gx65-cr2w-3vfm: Apport through 2
ghsa_unreviewed·2022-05-14·CVSS 7.8
CVE-2017-14177 [HIGH] CWE-400 GHSA-gx65-cr2w-3vfm: Apport through 2
Apport through 2.20.7 does not properly handle core dumps from setuid binaries allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion or possibly gain root privileges. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1324.
OSV
CVE-2017-14177: Apport through 2
osv·2017-11-15·CVSS 7.8
CVE-2017-14177 [HIGH] CVE-2017-14177: Apport through 2
Apport through 2.20.7 does not properly handle core dumps from setuid binaries allowing local users to create certain files as root which an attacker could leverage to perform a denial of service via resource exhaustion or possibly gain root privileges. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1324.
OSV
apport vulnerabilities
osv·2015-05-21·CVSS 7.8
CVE-2015-1324 [HIGH] apport vulnerabilities
apport vulnerabilities
Sander Bos discovered that Apport incorrectly handled permissions when
the system was configured to generate core dumps for setuid binaries. A
local attacker could use this issue to gain elevated privileges.
(CVE-2015-1324)
Philip Pettersson discovered that Apport contained race conditions
resulting core dumps to be generated with incorrect permissions in
arbitrary locations. A local attacker could use this issue to gain elevated
privileges. (CVE-2015-1325)
OSV
CVE-2015-1324: Apport before 2
osv·2015-05-21·CVSS 7.8
CVE-2015-1324 [HIGH] CVE-2015-1324: Apport before 2
Apport before 2.17.2-0ubuntu1.1 as packaged in Ubuntu 15.04, before 2.14.70ubuntu8.5 as packaged in Ubuntu 14.10, before 2.14.1-0ubuntu3.11 as packaged in Ubuntu 14.04 LTS, and before 2.0.1-0ubuntu17.9 as packaged in Ubuntu 12.04 LTS allow local users to write to arbitrary files and gain root privileges by leveraging incorrect handling of permissions when generating core dumps for setuid binaries.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2017-08-25
Published