Two information disclosure defects were identified in to prevent And Systemd-CoredumpTHE nucleus The managers of Ubuntu, Red Hat Enterprise Linux and Fedora, according to the Research Unit on the threats of Qualys (TRI).
Monitoring like CVE-2025-5054 and CVE-2025-4598The two vulnerabilities are bugs of the race condition which could allow a local attacker to obtain access to access to sensitive information. Tools such as contribution and Systemd-Coredump are designed to manage crash reports and basic emptying in Linux systems.
“These racing conditions allow a local attacker to operate a Suid program and have access to the resulting core dump”, “Saeed Abbasi, product director at Quality Tru, said.
A brief description of the two faults is below –
- CVE-2025-5054 (CVSS Score: 4.7) – A race condition in the canonical package of appetites up to and including 2.32.0 which allows a local attacker to disclose sensitive information via pid -meuse by taking advantage of names of names
- CVE-2025-4598 (CVSS Score: 4.7) – A race condition in Systemd -Coredump which allows an attacker to force an Suid process to crash and replace it with a binary not followed to access the privileged process process of the original, allowing the attacker to read sensitive data, such as / etc.
Suid, abbreviation of set user id, is a special file authorization This allows a user to execute a program with the privileges of its owner, rather than their own authorizations.
“When analyzing application planting, bring to an attempt to detect whether the crash process worked inside a container before carrying out coherence checks”, Octavio Gallandical said.
“This means that if a local attacker manages to induce a crash in a privileged process and quickly replaces it with another by the same process ID which resides in a montage and a space of PID names, contribution will try to transmit basic emptying (which could contain sensitive information belonging to the privileged process of origin) in the space of names.”
Red Hat said that the CVE-2025-4598 has been assessed for moderate gravity due to the high complexity to draw a feat for vulnerability, noting that the attacker must first the race condition and be in possession of an unavied local account.
As an attenuations, Red Hat said that users can execute the command “Echo 0> / Proc / Sys / FS / Suid_duvable” as a root user to deactivate the capacity of a system to generate basic emptying for the Suid binaries.
The parameter ” / PROC / SYS / FS / Suid_dompable” essentially controls if the Suid programs can produce kernel emptying on the crash. By defining it over zero, it deactivates basic emptying for all Suid programs and preventing them from being analyzed in the event of a crash.
“Although this mitigates this vulnerability although it is not possible to update the Systemd package, it deactivates the ability to analyze accidents for such binary”, Red Hat said.
Similar advice was issued by Amazon Linux,, DebianAnd Gender. It should be noted that Debian Systems is not sensitive to the CVE-2025-4598 by default, because they include any basic emptying manager unless the Systemd-Coredump package is installed manually. CVE-2025-4598 does not affect the versions of Ubuntu.
Qualys has also developed a concept code of proof (POC) for both vulnerabilities, demonstrating how a local attacker can use the Coredump of a crushed UNIX_CHKPWD process, which is used to check the validity of a user’s password, to obtain password hash from the / etc / shadow file.
Canonical, in its own alert, said that the impact of the CVE-2025-5054 is limited to the confidentiality of the memory of the Suid executables and that the POC feat can flee the chopped user passwords has a real impact.
“The exploitation of vulnerabilities in Contribution and Systemd-Coredump can seriously compromise high-risk confidentiality, as attackers could extract sensitive data, such as passwords, encryption keys or customer information from basic emptying,” said Abbasi.
“The repercussions include operational arrest times, reputation damage and potential non-compliance with regulations. To alleviate these multifaceted risks, companies should adopt proactive security measures by prioritizing fixes and attenuations, applying robust surveillance and tightening access controls.”
