Two information disclosure flaws have been identified in apport and systemd-coredump, the core dump handlers in Ubuntu, Red Hat Enterprise Linux, and Fedora, according to the Qualys Threat Research Unit (TRU). Tracked as CVE-2025-5054 and CVE-2025-4598, both vulnerabilities are race condition bugs that could enable a local attacker to obtain access to access sensitive information. Tools like
![]()
source https://thehackernews.com/2025/05/new-linux-flaws-allow-password-hash.html
source https://thehackernews.com/2025/05/new-linux-flaws-allow-password-hash.html