CVE-2025-4598
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2025-4598
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-4598.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2025-4598
- Related
- Published
- 2025-05-30T14:15:23Z
- Modified
- 2025-06-05T08:50:57.288345Z
- Downstream
- Summary
- [none]
- Details
-
A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process.
A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.
- References
-
- https://bugzilla.redhat.com/show_bug.cgi?id=2369242
- https://access.redhat.com/security/cve/CVE-2025-4598
- https://www.openwall.com/lists/oss-security/2025/05/29/3
- http://www.openwall.com/lists/oss-security/2025/06/05/1
- http://www.openwall.com/lists/oss-security/2025/06/05/3
- https://security-tracker.debian.org/tracker/CVE-2025-4598
Affected packages
Debian:11 / systemd
Package
- Name
- systemd
- Purl
- pkg:deb/debian/systemd?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
247.*
247.3-6
247.3-7
247.3-7+deb11u1
247.3-7+deb11u2
247.3-7+deb11u3
247.3-7+deb11u4
247.3-7+deb11u5
247.3-7+deb11u6
247.9-1
247.9-2
247.9-3
247.9-4
Other
248-1
249~rc1-1
249~rc2-1
249~rc3-1
249-1
250~rc3-1
250-1
250-2
251~rc1-1
251~rc1-2
251~rc1-3
251~rc2-1
251~rc2-2
251~rc3-1
251~rc3-2
251-1
251-2
252~rc2-1
252~rc3-1
252~rc3-2
252-1
252-2
252-3
253~rc2-1
253~rc3-1
253-1
253-2
253-3
253-4
254~rc1-1
254~rc1-2
254~rc1-3
254~rc1-4
254~rc2-1
254~rc2-2
254~rc2-3
254~rc3-1
254~rc3-2
254~rc3-3
254-1
255~rc1-1
255~rc1-2
255~rc1-3
255~rc1-4
255~rc2-1
255~rc2-2
255~rc2-3
255~rc3-1
255~rc3-2
255~rc3-3
255~rc4-1
255~rc4-2
255-1
256~rc1-1~exp
256~rc1-1~exp2
256~rc2-1
256~rc2-2
256~rc2-3
256~rc3-1
256~rc3-2
256~rc3-3
256~rc3-4
256~rc3-5
256~rc3-6
256~rc3-7
256~rc4-1
256-1
256-2
257~rc1-1
257~rc1-2
257~rc1-3
257~rc1-4
257~rc2-1
257~rc2-2
257~rc2-3
257~rc3-1
257-1
257-2
248.*
248.1-1
248.2-1
248.3-1
249.*
249.1-1
249.2-1
249.2-2
249.3-1
249.3-2
249.3-3
249.3-4
249.4-1
249.4-2
249.5-1
249.5-2
249.6-1
249.6-2
249.6-3
249.7-1
250.*
250.1-2
250.2-1
250.2-2
250.2-3
250.3-1
250.3-2~bpo11+1
250.3-2
250.4-1~bpo11+1
250.4-1
251.*
251.1-1
251.2-1
251.2-2
251.2-3
251.2-4
251.2-5
251.2-6
251.2-7
251.2-8
251.3-1~bpo11+1
251.3-1
251.3-2~exp1
251.3-2~exp2
251.3-2
251.4-1
251.4-2
251.4-3
251.5-1
251.5-2
251.5-3
251.6-1
252.*
252.1-1
252.2-1
252.2-2
252.3-1
252.3-2
252.4-1~bpo11+1
252.4-1
252.4-2
252.5-1
252.5-2~bpo11+1
252.5-2
252.6-1
252.6-1+loong64
252.11-1~deb12u1
252.11-1
252.12-1~deb12u1
252.14-1~deb12u1
252.16-1~deb12u1
252.17-1~deb12u1
252.18-1~deb12u1
252.19-1~deb12u1
252.20-1~deb12u1
252.21-1~deb12u1
252.22-1~deb12u1
252.23-1~deb12u1
252.24-1~deb12u1
252.25-1~deb12u1
252.26-1~deb12u1
252.26-1~deb12u2~bpo11+1
252.26-1~deb12u2
252.27-1~deb12u1
252.28-1~deb12u1
252.29-1~deb12u1~bpo11+1
252.29-1~deb12u1
252.30-1~deb12u1
252.30-1~deb12u2
252.31-1~deb12u1
252.32-1~deb12u1
252.33-1~deb12u1
252.36-1~deb12u1
252.38-1~deb12u1
253.*
253.5-1
254.*
254.1-1
254.1-2
254.1-3
254.3-1
254.4-1
254.5-1~bpo12+1
254.5-1~bpo12+2
254.5-1~bpo12+3
254.5-1
254.14-1~bpo12+1
254.15-1~bpo12+1
254.16-1~bpo12+1
254.22-1~bpo12+1
254.26-1~bpo12+1
255.*
255.1-1
255.1-2
255.1-3
255.2-1
255.2-2
255.2-3
255.2-4
255.3-1
255.3-2
255.4-1
255.5-1
256.*
256.1-1
256.1-2
256.2-1
256.4-1
256.4-2
256.4-3
256.5-1
256.5-2
256.6-1
256.7-1
256.7-2
256.7-3
257.*
257.1-1
257.1-2
257.1-3
257.1-4
257.1-5
257.1-6
257.1-7
257.2-1
257.2-2
257.2-3
257.3-1
257.4-1
257.4-2
257.4-3
257.4-4
257.4-5
257.4-6
257.4-7
257.4-8
257.4-9
257.5-1
257.5-2
257.6-1
Debian:12 / systemd
Package
- Name
- systemd
- Purl
- pkg:deb/debian/systemd?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed252.38-1~deb12u1
Affected versions
252.*
252.6-1
252.6-1+loong64
252.11-1~deb12u1
252.11-1
252.12-1~deb12u1
252.14-1~deb12u1
252.16-1~deb12u1
252.17-1~deb12u1
252.18-1~deb12u1
252.19-1~deb12u1
252.20-1~deb12u1
252.21-1~deb12u1
252.22-1~deb12u1
252.23-1~deb12u1
252.24-1~deb12u1
252.25-1~deb12u1
252.26-1~deb12u1
252.26-1~deb12u2~bpo11+1
252.26-1~deb12u2
252.27-1~deb12u1
252.28-1~deb12u1
252.29-1~deb12u1~bpo11+1
252.29-1~deb12u1
252.30-1~deb12u1
252.30-1~deb12u2
252.31-1~deb12u1
252.32-1~deb12u1
252.33-1~deb12u1
252.36-1~deb12u1
Debian:13 / systemd
Package
- Name
- systemd
- Purl
- pkg:deb/debian/systemd?arch=source
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed257.6-1
Affected versions
252.*
252.6-1
252.6-1+loong64
252.11-1~deb12u1
252.11-1
252.12-1~deb12u1
252.14-1~deb12u1
252.16-1~deb12u1
252.17-1~deb12u1
252.18-1~deb12u1
252.19-1~deb12u1
252.20-1~deb12u1
252.21-1~deb12u1
252.22-1~deb12u1
252.23-1~deb12u1
252.24-1~deb12u1
252.25-1~deb12u1
252.26-1~deb12u1
252.26-1~deb12u2~bpo11+1
252.26-1~deb12u2
252.27-1~deb12u1
252.28-1~deb12u1
252.29-1~deb12u1~bpo11+1
252.29-1~deb12u1
252.30-1~deb12u1
252.30-1~deb12u2
252.31-1~deb12u1
252.32-1~deb12u1
252.33-1~deb12u1
252.36-1~deb12u1
252.38-1~deb12u1
Other
253~rc2-1
253~rc3-1
253-1
253-2
253-3
253-4
254~rc1-1
254~rc1-2
254~rc1-3
254~rc1-4
254~rc2-1
254~rc2-2
254~rc2-3
254~rc3-1
254~rc3-2
254~rc3-3
254-1
255~rc1-1
255~rc1-2
255~rc1-3
255~rc1-4
255~rc2-1
255~rc2-2
255~rc2-3
255~rc3-1
255~rc3-2
255~rc3-3
255~rc4-1
255~rc4-2
255-1
256~rc1-1~exp
256~rc1-1~exp2
256~rc2-1
256~rc2-2
256~rc2-3
256~rc3-1
256~rc3-2
256~rc3-3
256~rc3-4
256~rc3-5
256~rc3-6
256~rc3-7
256~rc4-1
256-1
256-2
257~rc1-1
257~rc1-2
257~rc1-3
257~rc1-4
257~rc2-1
257~rc2-2
257~rc2-3
257~rc3-1
257-1
257-2
253.*
253.5-1
254.*
254.1-1
254.1-2
254.1-3
254.3-1
254.4-1
254.5-1~bpo12+1
254.5-1~bpo12+2
254.5-1~bpo12+3
254.5-1
254.14-1~bpo12+1
254.15-1~bpo12+1
254.16-1~bpo12+1
254.22-1~bpo12+1
254.26-1~bpo12+1
255.*
255.1-1
255.1-2
255.1-3
255.2-1
255.2-2
255.2-3
255.2-4
255.3-1
255.3-2
255.4-1
255.5-1
256.*
256.1-1
256.1-2
256.2-1
256.4-1
256.4-2
256.4-3
256.5-1
256.5-2
256.6-1
256.7-1
256.7-2
256.7-3
257.*
257.1-1
257.1-2
257.1-3
257.1-4
257.1-5
257.1-6
257.1-7
257.2-1
257.2-2
257.2-3
257.3-1
257.4-1
257.4-2
257.4-3
257.4-4
257.4-5
257.4-6
257.4-7
257.4-8
257.4-9
257.5-1
257.5-2