Linux Bugs Expose Password Hashes in Core Dumps

Two newly discovered vulnerabilities in popular Linux distributions could allow local attackers to access sensitive data, including password hashes, security researchers have found. The flaws, tracked as CVE-2025-5054 and CVE-2025-4598, affect apport and systemd-coredump—core dump handling utilities used in Ubuntu, Red Hat Enterprise Linux (RHEL), and Fedora.

According to the Qualys Threat Research Unit, both bugs stem from race condition issues that occur during the core dumping process. This exploitation pathway could be used by attackers to capture memory contents from crashed processes, potentially revealing password hashes and other confidential information.

The vulnerabilities expose a critical information disclosure risk in systems that rely on these utilities for debugging and logging crash reports. While access requires local privileges, affected systems could be targeted in post-exploitation scenarios. Administrators are advised to monitor for updates from their respective distributions and apply patches promptly to mitigate exposure. Further technical details are available on The Hacker News website.