Your submission was sent successfully! Close

You have successfully unsubscribed! Close

CVE-2015-1324

Published: 21 May 2015

Apport before 2.17.2-0ubuntu1.1 as packaged in Ubuntu 15.04, before 2.14.70ubuntu8.5 as packaged in Ubuntu 14.10, before 2.14.1-0ubuntu3.11 as packaged in Ubuntu 14.04 LTS, and before 2.0.1-0ubuntu17.9 as packaged in Ubuntu 12.04 LTS allow local users to write to arbitrary files and gain root privileges by leveraging incorrect handling of permissions when generating core dumps for setuid binaries.

Notes

AuthorNote
mdeslaur
2609-1

Priority

High

CVSS 3 base score: 7.8

Status

Package Release Status
apport
Launchpad, Ubuntu, Debian
precise Does not exist
(precise was released [2.0.1-0ubuntu17.9])
trusty
Released (2.14.1-0ubuntu3.11)
upstream Needs triage

utopic
Released (2.14.7-0ubuntu8.5)
vivid
Released (2.17.2-0ubuntu1.1)
wily
Released (2.17.3-0ubuntu1)
xenial
Released (2.17.3-0ubuntu1)
yakkety
Released (2.17.3-0ubuntu1)
zesty
Released (2.17.3-0ubuntu1)