A local privilege escalation vulnerability exists in lastore-daemon, the system package manager daemon used in Deepin Linux (developed by Wuhan Deepin Technology Co., Ltd.). In versions 0.9.53-1 (Deepin 15.5) and 0.9.66-1 (Deepin 15.7), the D-Bus configuration permits any user in the sudo group to invoke the InstallPackage method without password authentication. By default, the first user created on Deepin is in the sudo group. An attacker with shell access can craft a .deb package containing a malicious post-install script and use dbus-send to install it via lastore-daemon, resulting in arbitrary code execution as root.
Reserved 2025-07-22 | Published 2025-07-23 | Updated 2025-07-23 | Assigner VulnCheck
CWE-306 Missing Authentication for Critical Function
CWE-269 Improper Privilege Management
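To check a system bus policy file for the kind of rule described above, the following added example (not code from the advisory or from lastore-daemon) parses D-Bus policy XML and reports allow rules that let a non-root principal send to a service without restricting the method, or that name InstallPackage explicitly. The bus name and interface in the sample are constructed placeholders, and `audit_policy` is a hypothetical helper name.

```python
import xml.etree.ElementTree as ET

# Constructed sample policy. The bus name and interface are placeholders,
# not copied from lastore-daemon's real configuration file.
SAMPLE_POLICY = """<busconfig>
  <policy user="root">
    <allow own="com.example.pkgd"/>
    <allow send_destination="com.example.pkgd"/>
  </policy>
  <policy group="sudo">
    <allow send_destination="com.example.pkgd"
           send_interface="com.example.pkgd.Manager"/>
  </policy>
  <policy context="default">
    <deny send_destination="com.example.pkgd"
          send_interface="com.example.pkgd.Manager"
          send_member="InstallPackage"/>
  </policy>
</busconfig>"""

# Method names treated as privileged; InstallPackage is the one named in the advisory.
SENSITIVE_MEMBERS = {"InstallPackage"}

def audit_policy(xml_text, sensitive=SENSITIVE_MEMBERS):
    """Return allow rules that let a non-root principal reach a sensitive method."""
    findings = []
    for policy in ET.fromstring(xml_text).iter("policy"):
        if policy.get("user") == "root":
            continue  # root-only rules do not widen access
        principal = next(
            (f"{k}={policy.get(k)}" for k in ("group", "user", "context") if policy.get(k)),
            "unknown")
        for rule in policy.findall("allow"):
            dest = rule.get("send_destination")
            member = rule.get("send_member")
            # An allow rule with no send_member matches every method on the destination.
            if dest and (member is None or member in sensitive):
                findings.append({"principal": principal, "destination": dest,
                                 "interface": rule.get("send_interface"),
                                 "member": member or "*"})
    return findings

if __name__ == "__main__":
    for f in audit_policy(SAMPLE_POLICY):
        print("non-root principal can reach privileged method:", f)
```

A finding means the bus itself will not block the call, so the daemon has to authenticate the caller for that method on its own.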
King's Way
www.exploit-db.com/exploits/39433
raw.githubusercontent.com/...lastore_daemon_dbus_priv_esc.rb
github.com/linuxdeepin/lastore-daemon
www.deepin.org/en/mirrors/releases/
www.exploit-db.com/exploits/44523
www.vulncheck.com/advisories/deepin-lastore-daemon-priv-esc