-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5931-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
May 29, 2025                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : systemd
CVE ID         : CVE-2025-4598
Debian Bug     : 1106785

The Qualys Threat Research Unit (TRU) discovered that systemd-coredump
is prone to a kill-and-replace race condition which may allow a local
attacker to gain sensitive information from crashed SUID processes.
Additionally systemd-coredump does not specify %d (the kernel's per-
process "dumpable" flag) in /proc/sys/kernel/core_pattern allowing a
local attacker to crash root daemons that fork() and setuid() to the
attacker's uid and consequently gain read access to the resulting core
dumps and therefore to sensitive information from memory of the root
daemons.

Details can be found in the Qualys advisory at
https://www.qualys.com/2025/05/29/apport-coredump/apport-coredump.txt

For the stable distribution (bookworm), this problem has been fixed in
version 252.38-1~deb12u1.

We recommend that you upgrade your systemd packages.

For the detailed security status of systemd please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/systemd

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmg4zJ1fFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0S06RAAheycxs4GouWiVJpbNPHg8R7c4gTaU/l3fyED5z/yzgineHlcxF+UVtPU
i1ZkBz3amPnyVdtZiRA6n+U3RyJtPQfYjP9p18wYZ+3KCkW73jkrtC3+VJAXskZq
IZheydwIig6RcYJbM0SW7VpCLIB2Nw89ZH4oZRy5YyBu0nqWfFbDmaJc1+GZyHHF
ILhpt75Aajx16Io8cHlGusQy7gN/n3FmM6PX2ETdkhKr6swMdZClja9jQmv0dh7s
O0Sh/kMNGi+Ki+J+YeA72liY/P+TPsgMShPk7hD0yT/e/dmaiEnoyM0vPNKKRruy
7ESI15HFQP+DbrrzGjKYT3RMI7+3/tqyr29Y/MKBw6Bx+hGiI7rOsvmVo0iLS8aP
J7X2g/qB+DK8LKPux6t32bY3xJMpAFX/ezgAJciaBUSVkrRctxZJfMERhCFSqiZf
dqieq+Dh2k3/fNUca5cIMiDcUeEjR2SeXXusRqKgrxGjHplAFRWUidfAA8E/09+g
jZrzdkwakoB/lL8pQqFMAcc5O9ocetnrjAod4tVFjbTx7+wrmSBJXxMehjc3MSM2
sz4J/Om8JCc18EJutZY8wCoh20i60iJaF1GiUnQCLJdybGhWZrHSUCJ/3cMJVrLa
K0aGYg3WUKS1MEopM3etxD9v7R3JqhztD6kmcGVYlspI/bgqVTE=
=545t
-----END PGP SIGNATURE-----