New Linux Vulnerabilities

2025-06-03 11:07

They’re interesting: Tracked as CVE-2025-5054 and CVE-2025-4598, both vulnerabilities are race condition bugs that could enable a local attacker to obtain access to access sensitive information. Tools like Apport and systemd-coredump are designed to handle crash reporting and core dumps in Linux systems. […] “This means that if a local attacker manages to induce a crash in a privileged process and quickly replaces it with another one with the same process ID that resides inside a mount and pid namespace, apport will attempt to forward the core dump (which might contain sensitive information belonging to the original, privileged process) into the namespace.”...

News URL

https://www.schneier.com/blog/archives/2025/06/new-linux-vulnerabilities.html

#linux #vulnerabilities #CVE-2025-4598 #CVE-2025-5054

Related Vulnerability

DATE	CVE	VULNERABILITY TITLE	RISK
2025-05-30	CVE-2025-5054	Race condition in Canonical apport up to and including 2.32.0 allows a local attacker to leak sensitive information via PID-reuse by leveraging namespaces. When handling a crash, the function `_check_global_pid_and_forward`, which detects if the crashing process resided in a container, was being called before `consistency_checks`, which attempts to detect if the crashing process had been replaced.	0.0
2025-05-30	CVE-2025-4598	A vulnerability was found in systemd-coredump.	0.0

Related vendor

VENDOR	LAST 12M	#/PRODUCTS	LOW	MEDIUM	HIGH	CRITICAL	TOTAL VULNS
Linux		11	69	3961	2015	67	6112