Two information disclosure vulnerabilities were discovered in Apport and a core-dump handler, affecting Ubuntu, Fedora, and Red Hat.
The vulnerabilities, CVE-2025-5054 and CVE-2025-4598, are race condition bugs that allow threat actors to access sensitive information.
Mitigations are available for the vulnerabilities: users are advised to secure core dumps, implement strict PID validation, and enforce restrictions on accessing SUID/SGID core files.
Qualys developed proofs of concept for both vulnerabilities, and system administrators are urged to take the necessary security measures.
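
To check how a host currently handles core files from SUID/SGID programs, the sketch below classifies the two relevant Linux kernel settings. It is an added example, not code from the article or from Qualys; it assumes the `fs.suid_dumpable` and `kernel.core_pattern` sysctls are the controls in question, and `classify_coredump` is a hypothetical helper name.

```shell
#!/bin/sh
# Added example (not from the article): classify core-dump settings.
# classify_coredump is a hypothetical helper name.
# Args: $1 = value of fs.suid_dumpable, $2 = value of kernel.core_pattern
classify_coredump() {
    suid_dumpable=$1
    core_pattern=$2
    case $suid_dumpable in
        0) echo "ok: SUID/SGID processes do not dump core"; return 0 ;;
        1) echo "risk: SUID/SGID cores are dumped with no extra protection"; return 0 ;;
        2) ;;  # privileged processes dump core; see where the core goes
        *) echo "unknown: fs.suid_dumpable=$suid_dumpable"; return 0 ;;
    esac
    case $core_pattern in
        '|'*)
            # A leading '|' means the kernel pipes the core to a handler program.
            rest=${core_pattern#'|'}
            echo "review: SUID/SGID cores piped to ${rest%% *}" ;;
        *)
            echo "review: SUID/SGID cores written to $core_pattern" ;;
    esac
}

# Live check on the current host (skipped where /proc is not readable).
if [ -r /proc/sys/fs/suid_dumpable ] && [ -r /proc/sys/kernel/core_pattern ]; then
    classify_coredump "$(cat /proc/sys/fs/suid_dumpable)" \
                      "$(cat /proc/sys/kernel/core_pattern)"
fi
```

A "review" result means privileged core dumps reach the named handler or path, so that handler's patch level and the permissions on its stored core files are what to verify next.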