Two information disclosure vulnerabilities have been discovered in the Linux core dump handlers, specifically in the Apport and systemd-coredump tools utilized by Ubuntu, Red Hat Enterprise Linux, and Fedora. These vulnerabilities, tracked as CVE-2025-5054 and CVE-2025-4598, are race condition bugs that could allow a local attacker to access sensitive data.
The vulnerabilities pose significant risks, enabling attackers to exploit programs with Set User ID (SUID) permissions to gain read access to core dumps. Specifically, an attacker could leverage these flaws to extract sensitive information such as hashed user passwords from files like /etc/shadow.
Here’s a quick breakdown of the two vulnerabilities:
- CVE-2025-5054 (CVSS score: 4.7): This flaw exists in the Canonical Apport package, permitting local attackers to leak sensitive information by exploiting the PID-reuse technique in containerized environments.
- CVE-2025-4598 (CVSS score: 4.7): This vulnerability is found in systemd-coredump and allows an attacker to manipulate a SUID process to trigger a crash, which in turn enables them to access the core dump generated by the original process.
Canonical has noted that if a local attacker successfully induces a crash in a privileged process, they may rapidly replace it with another process in the same PID namespace, leading to a confidentiality breach of the original process’s memory space.
While Red Hat has categorized CVE-2025-4598 as Moderate due to the complexity of its exploitation, they suggest mitigating actions such as disabling core dumps for SUID binaries by running the command `echo 0 > /proc/sys/fs/suid_dumpable` as the root user. This prevents SUID programs from generating core dumps upon crashing, although it also limits the ability to analyze crashes.
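A defensive check for the mitigation above, as an added example that is not from Canonical, Red Hat or Qualys: it reads fs.suid_dumpable and kernel.core_pattern, reports whether SUID crashes are handed to Apport or systemd-coredump, and checks whether the value 0 is also set in sysctl configuration, since a write to /proc lasts only until reboot. The function names, the sample core_pattern value and the sysctl file locations checked are assumptions of this example.

```shell
#!/bin/sh
# Added example: does a crashing SUID program reach a core dump handler here?

# Constructed sample value, not captured from a real host.
SAMPLE_PATTERN='|/usr/lib/systemd/systemd-coredump %P %u %g %s %t %c %h'

# Classify a kernel.core_pattern value by the handler it pipes to.
classify_handler() {
    case "$1" in
        "|"*apport*)           echo apport ;;
        "|"*systemd-coredump*) echo systemd-coredump ;;
        "|"*)                  echo other-pipe ;;
        *)                     echo file ;;
    esac
}

# assess <suid_dumpable> <core_pattern>: print a one-line verdict.
assess() {
    handler=$(classify_handler "$2")
    case "$1" in
        0) echo "OK: SUID core dumps disabled (handler: $handler)" ;;
        1|2)
            case "$handler" in
                apport|systemd-coredump)
                    echo "REACHABLE: suid_dumpable=$1, SUID crashes are handed to $handler" ;;
                *)  echo "REVIEW: suid_dumpable=$1, handler: $handler" ;;
            esac ;;
        *) echo "UNKNOWN: suid_dumpable=$1" ;;
    esac
}

# Succeeds if any given sysctl file sets fs.suid_dumpable to 0.
# Assumption: only the files passed in are checked; override order is ignored.
persisted_in() {
    grep -Eqs '^[[:space:]]*fs\.suid_dumpable[[:space:]]*=[[:space:]]*0[[:space:]]*$' "$@"
}

audit_host() {
    assess "$(cat /proc/sys/fs/suid_dumpable)" "$(cat /proc/sys/kernel/core_pattern)"
    if persisted_in /etc/sysctl.conf /etc/sysctl.d/*.conf; then
        echo "fs.suid_dumpable=0 is set in sysctl configuration"
    else
        echo "fs.suid_dumpable=0 is not in sysctl configuration; a /proc write is lost at reboot"
    fi
}

# "audit" inspects this host; any other invocation assesses the sample.
if [ "${1:-}" = "audit" ]; then audit_host; else assess 2 "$SAMPLE_PATTERN"; fi
```

Run it with the argument `audit` on the host being checked; a REACHABLE verdict means the handler's patch level still needs confirming against the vendor advisory.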
Qualys, which identified the vulnerabilities, has developed proof-of-concept code illustrating how attackers could exploit these issues to extract password hashes from the system.
Both Canonical and Red Hat have released advisories regarding the vulnerabilities, urging users to prioritize patching their systems and hardening their security measures. Organizations are advised to monitor their systems closely and enforce stringent access controls to mitigate the risks associated with these vulnerabilities, which could lead to significant operational issues and reputational damage.