CVE 2015-1324
Apport before 2.17.2-0ubuntu1.1 as packaged in Ubuntu 15.04, before 2.14.70ubuntu8.5 as packaged in Ubuntu 14.10, before 2.14.1-0ubuntu3.11 as packaged in Ubuntu 14.04 LTS, and before 2.0.1-0ubuntu17.9 as packaged in Ubuntu 12.04 LTS allow local users to write to arbitrary files and gain root privileges by leveraging incorrect handling of permissions when generating core dumps for setuid binaries.
Related bugs and status
CVE-2015-1324 (Candidate) is related to these bugs:
Bug #1448636: Suspend/resume failure misspells "occurred"
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1448636 | Suspend/resume failure misspells "occurred" | apport (Ubuntu) | Low | Fix Released |
Bug #1452239: root escalation with fs.suid_dumpable=2
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1452239 | root escalation with fs.suid_dumpable=2 | apport (Ubuntu) | High | Fix Released | ||
1452239 | root escalation with fs.suid_dumpable=2 | apport (Ubuntu Trusty) | Undecided | Fix Released | ||
1452239 | root escalation with fs.suid_dumpable=2 | apport (Ubuntu Wily) | High | Fix Released | ||
1452239 | root escalation with fs.suid_dumpable=2 | apport (Ubuntu Utopic) | Undecided | Fix Released | ||
1452239 | root escalation with fs.suid_dumpable=2 | apport (Ubuntu Vivid) | Undecided | Fix Released | ||
1452239 | root escalation with fs.suid_dumpable=2 | Apport | High | Fix Released | ||
1452239 | root escalation with fs.suid_dumpable=2 | apport (Ubuntu Precise) | Undecided | Fix Released |
Bug #1453900: root escalation via race condition
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1453900 | root escalation via race condition | apport (Ubuntu) | Critical | Fix Released | ||
1453900 | root escalation via race condition | Apport | Critical | Fix Released |
Bug #1726372: Multiple security issues in Apport
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1726372 | Multiple security issues in Apport | apport (Ubuntu) | Undecided | Fix Released | ||
1726372 | Multiple security issues in Apport | apport (Ubuntu Artful) | Undecided | Fix Released | ||
1726372 | Multiple security issues in Apport | apport (Ubuntu Trusty) | Undecided | Fix Released | ||
1726372 | Multiple security issues in Apport | apport (Ubuntu Xenial) | Undecided | Fix Released | ||
1726372 | Multiple security issues in Apport | apport (Ubuntu Zesty) | Undecided | Fix Released |
See the
CVE page on Mitre.org
for more details.