Techly NewsGet the app

Get the latest tech news

New Moderate Linux Flaw Allows Password Hash Theft Via Core Dumps in Ubuntu, RHEL, Fedora


An anonymous reader shared this report from The Hacker News: Two information disclosure flaws have been identified in apport and systemd-coredump, the core dump handlers in Ubuntu, Red Hat Enterprise Linux, and Fedora, according to the Qualys Threat Research Unit (TRU). Tracked as CVE-2025-5054...

An anonymous reader shared this report from The Hacker News: Two information disclosure flaws have been identified in apport and systemd-coredump, the core dump handlers in Ubuntu, Red Hat Enterprise Linux, and Fedora, according to the Qualys Threat Research Unit (TRU). "These race conditions allow a local attacker to exploit a SUID program and gain read access to the resulting core dump," Saeed Abbasi, manager of product at Qualys TRU, said... Red Hat said CVE-2025-4598 has been rated Moderate in severity owing to the high complexity in pulling an exploit for the vulnerability, noting that the attacker has to first win the race condition and be in possession of an unprivileged local account... Qualys has also developed proof-of-concept code for both vulnerabilities, demonstrating how a local attacker can exploit the coredump of a crashed unix_chkpwd process, which is used to verify the validity of a user's password, to obtain password hashes from the/etc/shadow file.

Get the Android app

Or read this on Slashdot

Read more on:

Photo of ubuntu

ubuntu

Photo of rhel

rhel

Photo of core dumps

core dumps

Related news:

News photo

AlmaLinux 10.0 Stable Released - Unlike RHEL 10, It Continues Supporting x86-64-v2 CPUs

News photo

Red Hat Collaborates with SIFive on RISC-V Support, as RHEL 10 Brings AI Assistant and Post-Quantum Security

News photo

What would a Microsoft engineer do to Ubuntu? AnduinOS is the answer

« The Zach Attack Scratch 'N Solve Puzzle Pack
Intel reportedly investigates return to memory biz with Japan’s SoftBank »