CVE-2025-4598
Severity
4.7MEDIUM
EPSS
0.1%
top 72.41%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMay 30
Latest updateJul 15
Description
A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process.
A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the proc…
CVSS vector
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.0 | Impact: 3.6
Affected Packages4 packages
Also affects: Debian Linux 11.0, 12.0, Enterprise Linux 10.0, 7.0, 8.0, 9.0, Openshift Container Platform 4.0
🔴Vulnerability Details
3CVEList▶
Systemd-coredump: race condition that allows a local attacker to crash a suid program and gain read access to the resulting core dump↗2025-05-30
📋Vendor Advisories
5Red Hat▶
systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump↗2025-05-29
Microsoft▶
Systemd-coredump: race condition that allows a local attacker to crash a suid program and gain read access to the resulting core dump↗2025-05-13
Debian▶
CVE-2025-4598: systemd - A vulnerability was found in systemd-coredump. This flaw allows an attacker to f...↗2025
🕵️Threat Intelligence
3Qualys▶
Qualys TRU Discovers Two Local Information Disclosure Vulnerabilities in Apport and systemd-coredump: CVE-2025-5054 and CVE-2025-4598 | Qualys↗2025-05-29
Qualys▶
Qualys TRU Discovers Two Local Information Disclosure Vulnerabilities in Apport and systemd-coredump: CVE-2025-5054 and CVE-2025-4598↗2025-05-29