Bookmark Article
Two information disclosure flaws, CVE-2025-5054 and CVE-2025-4598, have been discovered in the crash reporting tools apport and systemd-coredump in Ubuntu, Red Hat Enterprise Linux, and Fedora, allowing local attackers to access sensitive information through race condition exploits. While Red Hat rated CVE-2025-4598 as Moderate in severity due to the complexity of the exploit, Canonical has released updates for the affected Ubuntu releases, urging users to upgrade their packages. Additionally, advisories were issued by Gentoo, Amazon Linux, and Debian, with Debian being less susceptible by default to CVE-2025-4598.
