CVE-2015-1325
Description
Race condition in Apport before 2.17.2-0ubuntu1.1 as packaged in Ubuntu 15.04, before 2.14.70ubuntu8.5 as packaged in Ubuntu 14.10, before 2.14.1-0ubuntu3.11 as packaged in Ubuntu 14.04 LTS, and before 2.0.1-0ubuntu17.9 as packaged in Ubuntu 12.04 LTS allow local users to write to arbitrary files and gain root privileges.
Predictions
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ if you've already worked around this in production โ publish your fix to the community-verified tier.
โ Propose a mitigation on Community โ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here withsource_tier=community-verified.
Exploits
Public proof-of-concept code below. AS-IS, for defenders and authorised testing only.
Exploit-DB
Apport (Ubuntu 14.04/14.10/15.04) - Race Condition Privilege Escalation
OS impact
Ubuntu Affected 4 releases
| Version | Status | Fixed in |
|---|---|---|
| 15.04 | Affected | โ |
| 14.10 | Affected | โ |
| 14.04 | Affected | โ |
| 12.04 | Affected | โ |
References
- http://www.openwall.com/lists/oss-security/2015/05/21/10
- http://www.securityfocus.com/bid/74769
- http://www.ubuntu.com/usn/USN-2609-1
- https://www.exploit-db.com/exploits/37088/
- http://seclists.org/fulldisclosure/2025/Jun/9
- http://www.openwall.com/lists/oss-security/2015/05/21/10
- http://www.securityfocus.com/bid/74769
- http://www.ubuntu.com/usn/USN-2609-1
- https://www.exploit-db.com/exploits/37088/
CWEs
CWE-362
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.