High severity7.0NVD Advisory· Published Aug 6, 2020· Updated Jun 17, 2026
CVE-2020-15702
CVE-2020-15702
Description
TOCTOU Race Condition vulnerability in apport allows a local attacker to escalate privileges and execute arbitrary code. An attacker may exit the crashed process and exploit PID recycling to spawn a root process with the same PID as the crashed process, which can then be used to escalate privileges. Fixed in 2.20.1-0ubuntu2.24, 2.20.9 versions prior to 2.20.9-0ubuntu7.16 and 2.20.11 versions prior to 2.20.11-0ubuntu27.6. Was ZDI-CAN-11234.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: 2.20.1
Patches
Vulnerability mechanics
References
5- usn.ubuntu.com/4449-1nvdVendor Advisory
- usn.ubuntu.com/4449-1/nvdVendor Advisory
- usn.ubuntu.com/4449-2/nvdVendor Advisory
- www.zerodayinitiative.com/advisories/ZDI-20-979/nvdThird Party AdvisoryVDB Entry
- seclists.org/fulldisclosure/2025/Jun/9nvd
News mentions
0No linked articles in our index yet.