Linux Core Dump Flaws Threaten Password and Data Security

TL;DR Summary
Two race condition vulnerabilities in Linux core dump handlers (apport and systemd-coredump) could allow local attackers to access sensitive information, including password hashes, on Ubuntu, RHEL, and Fedora systems. Mitigations include disabling core dumps for SUID binaries, and patches are recommended to prevent exploitation.
- New Linux Flaws Allow Password Hash Theft via Core Dumps in Ubuntu, RHEL, Fedora (The Hacker News)
- Two Linux flaws can lead to the disclosure of sensitive data (Security Affairs)
- Qualys TRU Discovers Two Local Information Disclosure Vulnerabilities in Apport and systemd-coredump: CVE-2025-5054 and CVE-2025-4598 (Qualys)
- Linux Crash Dump Flaws Expose Passwords, Encryption Keys (Bank Info Security)
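To check the mitigation named in the summary on a host, the following added example (not code from the article, Qualys, or the affected projects) reads the kernel's `fs.suid_dumpable` and `kernel.core_pattern` settings and reports whether SUID core dumps are disabled and which handler receives crashes. The sysctl names are the standard Linux ones and are not quoted on this page; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: audit the "disable core dumps for SUID binaries" mitigation.
# File paths are parameters so the check can run against constructed input.

# classify_suid_dumpable VALUE -> "disabled", "enabled" or "unknown"
classify_suid_dumpable() {
    case "$1" in
        0)   echo "disabled" ;;  # privileged processes never dump core
        1|2) echo "enabled" ;;   # 1 = debug, 2 = suidsafe: dumps still produced
        *)   echo "unknown" ;;   # empty or unexpected value
    esac
}

# core_handler PATTERN -> "apport", "systemd-coredump", "other-pipe" or "file"
core_handler() {
    case "$1" in
        "|"*apport*)           echo "apport" ;;
        "|"*systemd-coredump*) echo "systemd-coredump" ;;
        "|"*)                  echo "other-pipe" ;;  # some other piped helper
        *)                     echo "file" ;;        # plain core file pattern
    esac
}

# audit_core_dumps [SUID_FILE] [PATTERN_FILE]
# Prints one summary line. Returns 0 if SUID dumps are disabled,
# 1 if they are not, 2 if the settings cannot be read.
audit_core_dumps() {
    suid_file=${1:-/proc/sys/fs/suid_dumpable}
    pattern_file=${2:-/proc/sys/kernel/core_pattern}
    [ -r "$suid_file" ] && [ -r "$pattern_file" ] || {
        echo "cannot read kernel settings" >&2
        return 2
    }
    state=$(classify_suid_dumpable "$(tr -d '[:space:]' < "$suid_file")")
    handler=$(core_handler "$(head -n 1 "$pattern_file")")
    echo "suid_dumpable=$state handler=$handler"
    [ "$state" = "disabled" ]
}
```

Calling `audit_core_dumps` with no arguments inspects the live system; a non-zero return on a host whose handler is `apport` or `systemd-coredump` means the mitigation is not in place.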