- Two vulnerabilities of information disclosure were found in Contribution and Core-Dump Handler
- They affect Ubuntu, Fedora and Red Hat
- Attenuations are available, users are therefore advised to take a look
Quatty cybersecurity researchers have discovered two vulnerabilities of disclosure of information distressing different Linux distros.
The faults, which are both bugs of the race condition, allow threat actors to access sensitive information.
The first is in the main handling of Ubuntu, contribution, and is followed as CVE-2025-5054. The second is in the default core manager on Red Hat Enterprise Linux 9 and 10, as well as on Fedora. It is followed as CVE-2025-4598.
Trigger a crash
Contribution is an error ratio tool in Ubuntu which automatically collects crash data and system information, while Systemd-Coredump captures and stores the main emptying of the processes placed for subsequent debugging and analysis.
As Qualy explained, for contribution – Ubuntu 24.04 is vulnerable. The versions up to 2.33.0 are affected, as well as each version of Ubuntu from 16.04. For Systemd-Coredump, Fedora 40/41 and Red Hat Enterprise Linux 9, and the recently published RHEL 10 are all vulnerable. Debian systems are not vulnerable by default, added qualities, as they do not include core managers.
In theory, an attacker could trigger a crash in a privileged process, then quickly replace the crushed process before the nucleus manager intervenes.
In this way, attackers could access the basic emptying that could include sensitive information, such as passwords.
In addition, since Systemd-Coredump does not properly validate the “hardy” flag by nucleus process, a threat actor could crush the root demons which for and define UID on their own user ID. In this way, they could read sensitive memory from critical processes.
Qualys has developed concept proof (POC) for the two vulnerabilities and said that to alleviate vulnerabilities, system administrators must ensure that basic emptying is in complete safety, implement strict PID validation and applies restrictions on access to SUID / SGID Core files.
More details on potential attenuations and execution orders to secure the infrastructure can be found on this link.
Via The Hacker News
