UBUNTU-CVE-2015-1324

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2015-1324

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2015/UBUNTU-CVE-2015-1324.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2015-1324

Upstream

CVE-2015-1324

Downstream

USN-2609-1

Related

USN-2609-1

Published

2015-05-21T17:00:00Z

Modified

2026-02-04T02:26:44.554359Z

Severity

7.8 (High) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
Ubuntu - high

Summary

[none]

Details

Apport before 2.17.2-0ubuntu1.1 as packaged in Ubuntu 15.04, before 2.14.70ubuntu8.5 as packaged in Ubuntu 14.10, before 2.14.1-0ubuntu3.11 as packaged in Ubuntu 14.04 LTS, and before 2.0.1-0ubuntu17.9 as packaged in Ubuntu 12.04 LTS allow local users to write to arbitrary files and gain root privileges by leveraging incorrect handling of permissions when generating core dumps for setuid binaries.

References

Affected packages

Ubuntu:14.04:LTS / apport

Package

Name: apport
Purl: pkg:deb/ubuntu/apport@2.14.1-0ubuntu3.11?arch=source&distro=trusty

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.14.1-0ubuntu3.11

Affected versions

2.*

2.12.5-0ubuntu2

2.12.6-0ubuntu1

2.12.7-0ubuntu1

2.12.7-0ubuntu2

2.12.7-0ubuntu3

2.12.7-0ubuntu6

2.13.1-0ubuntu1

2.13.1-0ubuntu2

2.13.2-0ubuntu2

2.13.2-0ubuntu3

2.13.2-0ubuntu4

2.13.2-0ubuntu5

2.13.3-0ubuntu1

2.14-0ubuntu1

2.14.1-0ubuntu1

2.14.1-0ubuntu2

2.14.1-0ubuntu3

2.14.1-0ubuntu3.1

2.14.1-0ubuntu3.2

2.14.1-0ubuntu3.3

2.14.1-0ubuntu3.4

2.14.1-0ubuntu3.5

2.14.1-0ubuntu3.6

2.14.1-0ubuntu3.7

2.14.1-0ubuntu3.8

2.14.1-0ubuntu3.9

2.14.1-0ubuntu3.10

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_version": "2.14.1-0ubuntu3.11",
            "binary_name": "apport"
        },
        {
            "binary_version": "2.14.1-0ubuntu3.11",
            "binary_name": "apport-gtk"
        },
        {
            "binary_version": "2.14.1-0ubuntu3.11",
            "binary_name": "apport-kde"
        },
        {
            "binary_version": "2.14.1-0ubuntu3.11",
            "binary_name": "apport-noui"
        },
        {
            "binary_version": "2.14.1-0ubuntu3.11",
            "binary_name": "apport-retrace"
        },
        {
            "binary_version": "2.14.1-0ubuntu3.11",
            "binary_name": "apport-valgrind"
        },
        {
            "binary_version": "2.14.1-0ubuntu3.11",
            "binary_name": "dh-apport"
        },
        {
            "binary_version": "2.14.1-0ubuntu3.11",
            "binary_name": "python-apport"
        },
        {
            "binary_version": "2.14.1-0ubuntu3.11",
            "binary_name": "python-problem-report"
        },
        {
            "binary_version": "2.14.1-0ubuntu3.11",
            "binary_name": "python3-apport"
        },
        {
            "binary_version": "2.14.1-0ubuntu3.11",
            "binary_name": "python3-problem-report"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2015/UBUNTU-CVE-2015-1324.json"