7
CVSSv3

CVE-2015-1325

CVSSv4: NA | CVSSv3: 7 | CVSSv2: 6.9 | VMScore: 800 | EPSS: 0.00045 | KEV: Not Included
Published: 25/08/2017 Updated: 21/11/2024

Vulnerability Summary

Race condition in Apport prior to 2.17.2-0ubuntu1.1 as packaged in Ubuntu 15.04, prior to 2.14.70ubuntu8.5 as packaged in Ubuntu 14.10, prior to 2.14.1-0ubuntu3.11 as packaged in Ubuntu 14.04 LTS, and prior to 2.0.1-0ubuntu17.9 as packaged in Ubuntu 12.04 LTS allow local users to write to arbitrary files and gain root privileges.

Vulnerable Product Search on Vulmon Subscribe to Product

canonical ubuntu linux 12.04

canonical ubuntu linux 14.04

canonical ubuntu linux 14.10

canonical ubuntu linux 15.04

Vendor Advisories

Apport could be tricked into creating arbitrary files as an administrator, resulting in privilege escalation ...

Exploits

/* # Exploit Title: apport/ubuntu local root race condition # Date: 2015-05-11 # Exploit Author: rebel # Version: ubuntu 1404, 1410, 1504 # Tested on: ubuntu 1404, 1410, 1504 # CVE : CVE-2015-1325 *=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=* CVE-2015-1325 / apport-pid-racec apport race conditions ubuntu local root tested o ...

Github Repositories

Linux Kernel Concurrency Vulnerabilities: Detection and Mitigation Project Overview This project explores concurrency vulnerabilities in the Linux kernel, focusing on two critical vulnerabilities: CVE-2015-1325 (Keyring Race Condition) and CVE-2016-5195 (Dirty COW) The project covers the discovery, exploitation, and mitigation of these vulnerabilities and provides in-depth ana

Linux Kernel Concurrency Vulnerabilities: Detection and Mitigation Project Overview This project explores concurrency vulnerabilities in the Linux kernel, focusing on two critical vulnerabilities: CVE-2015-1325 (Keyring Race Condition) and CVE-2016-5195 (Dirty COW) The project covers the discovery, exploitation, and mitigation of these vulnerabilities and provides in-depth ana