VIR Vulnerability Intelligence Relay

CVE-2015-1324

high
Published 2017-08-25 · Modified 2026-05-13
CVSS v3
7.8
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CVSS v2
7.2
VIR risk
7.8

Description

Apport before 2.17.2-0ubuntu1.1 as packaged in Ubuntu 15.04, before 2.14.70ubuntu8.5 as packaged in Ubuntu 14.10, before 2.14.1-0ubuntu3.11 as packaged in Ubuntu 14.04 LTS, and before 2.0.1-0ubuntu17.9 as packaged in Ubuntu 12.04 LTS allow local users to write to arbitrary files and gain root privileges by leveraging incorrect handling of permissions when generating core dumps for setuid binaries.

Predictions

Exploit likelihood
75%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: security@ubuntu.com — https://bugs.launchpad.net/ubuntu/+source/apport/+bug/1452239

vendor Authored 2026-05-27

Vendor advisory: security@ubuntu.com — http://www.ubuntu.com/usn/USN-2609-1

OS impact
OSVersionStatusFixed in
ubuntu ubuntu12.04affected
ubuntu ubuntu14.04affected
ubuntu ubuntu14.10affected
ubuntu ubuntu15.04affected

References

CWEs

CWE-264

Verify integrity in audit chain (admin only). AS-IS.