Close Menu
Indo Guard OnlineIndo Guard Online
  • Home
  • Cyber Security
  • Risk Management
  • Travel
  • Security News
  • Tech
  • More
    • Data Privacy
    • Data Protection
    • Global Security
What's Hot

New company Atomic MacOS Campation Exploaits Clickfix to focus on Apple users

June 6, 2025

Microsoft helps CBI disassemble the Indian Centers for Japanese Technical Support

June 6, 2025

Expand users’ capabilities and protect against Genai data loss

June 6, 2025
Facebook X (Twitter) Instagram
Facebook X (Twitter) Instagram YouTube
Indo Guard OnlineIndo Guard Online
Subscribe
  • Home
  • Cyber Security
  • Risk Management
  • Travel
  • Security News
  • Tech
  • More
    • Data Privacy
    • Data Protection
    • Global Security
Indo Guard OnlineIndo Guard Online
Home » The new flaws of Linux allow password theft through the main landfills in Ubuntu, Rhel, Fedora
Global Security

The new flaws of Linux allow password theft through the main landfills in Ubuntu, Rhel, Fedora

AdminBy AdminMay 31, 2025No Comments4 Mins Read
Linux Flaws
Share
Facebook Twitter LinkedIn Pinterest Email Copy Link


May 31, 2025Red LakshmananVulnerability / linux

Disadvantages Linux

Two disadvantages of information about disclosure were discovered contribution and Systemd-Coredump. The main dump According to the threat study unit (TRU) in Ubuntu, Red Hat Enterprise Linux and Fedora.

Tracked as Cve-2025-5054 and Cve-2025-4598Both vulnerabilities are errors that can allow a local attacker to access confidential information. Tools such as Caport and Systemd-Coredump designed to handle reporting and basic debris in Linux Systems.

“These racing conditions allow the local attacker to use the Suid program and access read access to the received basic debris,” Said Abasi, the product manager in Quals Tru, – Note.

Cybersecurity

A brief description of the two disadvantages below –

  • Cve-2025-5054 (CVSS assessment: 4.7) – Condition of the race in the canonical biring package and including 2.32.0, allowing local attackers leak through PID – use using spaces
  • Cve-2025-4598 (CVSS assessment: 4.7) -otop race in system work that allows the attacker to force the Suid process to break up and replace it with an inferior binary to access

SUID, Short for the established user ID, this special The file permit This allows the user to fulfill the program with the privileges of his owner, not his own permits.

“When analyzing app failures, Sport tries to find out whether the process of cracking into the container before conducting the coherence on it,” Canonical’s Actavio Galland – Note.

“This means that if a local attacker manages to call a disaster in the privileged process and quickly replace it with the same process that is in the mounting and PID name, the conversation will try to send a basic dump (which can contain sensitive information belonging to the original, privileged process.”

Red Hat said the CVE-2025-4598 was assessed moderately due to high complexity in pulling the feats for vulnerability, noting that the attacker must first condition the race and possess an invalid local account.

As a softening, Red Hat said users can launch the “Echo 0>/Sys/FS/Suid_dumpable” command as a root user to disable the system to create a major dump for Suid Binary.

The parameter “/PROC/SYS/FS/Suid_dumpable” is essentially managing whether the Suid programs can produce major landfills during the accident. By setting it to zero, it disables the main landfills for all Suid programs and does not allow them to analyze in the event of an accident.

“Although it softens this vulnerability, while it is impossible to update the SystemD package, it disables the accidents analyzing for such binary files,” Red Hat Hat – Note.

Similar recommendations have been issued Amazon Linux. Lunchand Giant. It is worth noting that the default Debian Systems is not amenable to Cve-2025-4598, because they do not include any Dump Core handler if the Systemd-Cordump package is not installed manually. Cve-2025-4598 does not affect Ubuntu issues.

Cybersecurity

Qualys also developed the evidence code of the concept (POC) for both vulnerabilities, demonstrating how the local attacker can use Coredump cut off the Unix_chkpwd process that used to check the user’s password to get a password hashos from the file /etc. /Shadow.

Canonical, in the alarm, said the influence of the CVE-2025-5054 is limited to the confidentiality of the memory of the caused SUID files, and that POC Exploit can be traced with hash passwords that have a limited impact in the real world.

“The exploitation of the vulnerabilities in the conversation and Systemd-CoreDump can seriously endanger the privacy at high risk, as attackers can extract sensitive data, such as passwords, encryption keys, or customer information from major landfills,” Abbas said.

“The fall includes an operational time of downtime, reputational damage and potential failure to comply with the rules. To mitigate these multifaceted risks, which effectively must take active security measures, giving priorities and softening, providing reliable monitoring and increased access control.”

Found this article interesting? Keep track of us further Youter  and LinkedIn To read more exclusive content we publish.





Source link

Share. Facebook Twitter Pinterest LinkedIn Tumblr Email Copy Link
Admin
  • Website

Related Posts

New company Atomic MacOS Campation Exploaits Clickfix to focus on Apple users

June 6, 2025

Microsoft helps CBI disassemble the Indian Centers for Japanese Technical Support

June 6, 2025

Expand users’ capabilities and protect against Genai data loss

June 6, 2025

Why are more security leaders choose AEV

June 6, 2025

New data Wiper Pathwiper Data Wiper violates Ukrainian critical infrastructure in 2025 attack

June 6, 2025

Popular Chrome Extensions API leaks, user data via HTTP and Hard Codes

June 5, 2025
Add A Comment
Leave A Reply Cancel Reply

Loading poll ...
Coming Soon
Do You Like Our Website
: {{ tsp_total }}

Subscribe to Updates

Get the latest security news from Indoguardonline.com

Latest Posts

New company Atomic MacOS Campation Exploaits Clickfix to focus on Apple users

June 6, 2025

Microsoft helps CBI disassemble the Indian Centers for Japanese Technical Support

June 6, 2025

Expand users’ capabilities and protect against Genai data loss

June 6, 2025

Why are more security leaders choose AEV

June 6, 2025

New data Wiper Pathwiper Data Wiper violates Ukrainian critical infrastructure in 2025 attack

June 6, 2025

Popular Chrome Extensions API leaks, user data via HTTP and Hard Codes

June 5, 2025

Researchers in detail in detail decisively developing tactics as it expands its geographical volume

June 5, 2025

Iran related

June 5, 2025
About Us
About Us

Provide a constantly updating feed of the latest security news and developments specific to Indonesia.

Facebook X (Twitter) Pinterest YouTube WhatsApp
Our Picks

New company Atomic MacOS Campation Exploaits Clickfix to focus on Apple users

June 6, 2025

Microsoft helps CBI disassemble the Indian Centers for Japanese Technical Support

June 6, 2025

Expand users’ capabilities and protect against Genai data loss

June 6, 2025
Most Popular

In Indonesia, crippling immigration ransomware breach sparks privacy crisis

July 6, 2024

Why Indonesia’s Data Breach Crisis Calls for Better Security

July 6, 2024

Indonesia’s plan to integrate 27,000 govt apps in one platform welcomed but data security concerns linger

July 6, 2024
© 2025 indoguardonline.com
  • Home
  • About us
  • Contact us
  • Privacy Policy

Type above and press Enter to search. Press Esc to cancel.