CVE-2016-15045

lastore-daemon <0.9.66-1 - Privilege Escalation

Title source: llm

Description

A local privilege escalation vulnerability exists in lastore-daemon, the system package manager daemon used in Deepin Linux (developed by Wuhan Deepin Technology Co., Ltd.). In versions 0.9.53-1 (Deepin 15.5) and 0.9.66-1 (Deepin 15.7), the D-Bus configuration permits any user in the sudo group to invoke the InstallPackage method without password authentication. By default, the first user created on Deepin is in the sudo group. An attacker with shell access can craft a .deb package containing a malicious post-install script and use dbus-send to install it via lastore-daemon, resulting in arbitrary code execution as root.

Exploits (3)

exploitdb WORKING POC

by King's Way · pythonlocallinux

https://www.exploit-db.com/exploits/39433

View Code ZIP pw:eip

metasploit WORKING POC EXCELLENT

by King, , # Discovery and exploit · rubypoclinux

https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/local/lastore_daemon_dbus_priv_esc.rb

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by Metasploit · rubylocallinux

https://www.exploit-db.com/exploits/44523

View Code ZIP pw:eip

References (6)

[Various Sources] https://github.com/linuxdeepin/lastore-daemon

[Various Sources] https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/linux/local/lastore_daemon_dbus_priv_esc.rb

[Third Party Advisory] https://www.vulncheck.com/advisories/deepin-lastore-daemon-priv-esc

[Release Notes] https://www.deepin.org/en/mirrors/releases/

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/39433

[Exploit, Third Party Advisory] https://www.exploit-db.com/exploits/44523

Scores

EPSS 0.0138

EPSS Percentile 80.0%

Classification

CWE

CWE-269 CWE-306

Status draft

Timeline

Published Jul 23, 2025

Tracked Since Feb 18, 2026