CVE-2015-1318
38Vexday Risk Score
Patch soon. It has a working public exploit.
ssvc Attendepss 4.2%
from disclosure to weapon0 days
Published on NVDApr 17
1st PoCApr 14
metasploitMar 31
exploitation probability
4.2%top 10% of all CVEs
observed exploitation
nono source reports it
6 public exploit(s)
The crash reporting feature in Apport 2.13 through 2.17.x before 2.17.1 allows local users to gain privileges via a crafted usr/share/apport/apport file in a namespace (container).
Affected products
n/a · n/apublic PoCs found — 6
githubgithub.com/ScottyBauer/CVE-2015-1318★ 4cve_referencewww.exploit-db.com/exploits/36782/unverifiedcve_referencewww.exploit-db.com/exploits/43971/unverifiedexploitdbwww.exploit-db.com/exploits/36782unverifiedexploitdbwww.exploit-db.com/exploits/36746unverifiedexploitdbwww.exploit-db.com/exploits/43971unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
https://bugs.launchpad.net/ubuntu/%2Bsource/apport/%2Bbug/1438758http://seclists.org/fulldisclosure/2025/Jun/9https://launchpad.net/apport/trunk/2.17.1https://www.exploit-db.com/exploits/36782/https://www.exploit-db.com/exploits/43971/http://www.osvdb.org/120803http://www.ubuntu.com/usn/USN-2569-1