Critical Linux Vulnerabilities Expose Sensitive Data; Urgent Updates Recommended

June 2, 2025
  • Two critical information disclosure vulnerabilities, identified as CVE-2025-5054 and CVE-2025-4598, have been discovered in the core dump handlers of popular Linux distributions, including Ubuntu, Red Hat Enterprise Linux, and Fedora.

  • The exploitation of these vulnerabilities could allow local attackers to gain unauthorized access to sensitive data stored in core dumps, such as passwords and encryption keys, potentially leading to severe organizational impacts like data breaches, reputational damage, and financial loss.

  • Despite the kernel's existing safeguards, these vulnerabilities allow a local attacker to bypass those protections, leaving sensitive user data exposed.

  • Core dumps, which capture snapshots of a process's memory during crashes, can contain sensitive information, making them attractive targets for cybercriminals.

  • Both vulnerabilities are race conditions: flaws in which the timing of concurrent operations produces unexpected and unsafe behaviour.

  • In response, Canonical has released updates for the apport package across all affected Ubuntu releases and urges users to upgrade their packages promptly.

  • Advisories regarding these vulnerabilities have also been issued by Gentoo, Amazon Linux, and Debian, although Debian systems are generally safe unless specific core dump handlers are manually installed.

  • The potential consequences of these vulnerabilities underscore the importance of proactive cybersecurity measures to protect sensitive information and maintain compliance.

  • Organizations are advised to apply patches as soon as they are available and consider implementing passwordless authentication to enhance overall security.

  • To combat these cybersecurity challenges, companies are encouraged to invest in employee training and emerging defense technologies, such as AI.

  • Qualys recommends disabling core dumps for SUID processes by setting the parameter /proc/sys/fs/suid_dumpable to 0 to mitigate risks associated with these vulnerabilities.

  • Experts warn that outdated or unpatched systems remain prime targets for exploitation, emphasizing the need for timely updates and enhanced access controls.
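The suid_dumpable mitigation recommended above, as an added example that is not from Qualys, Canonical or any of the cited advisories: a POSIX shell helper that reads the kernel knob, explains what its value means, checks whether a sysctl file already pins it to 0 across reboots, and writes such a file. The fragment file name, the script name and the default sysctl locations are assumptions.

```shell
#!/bin/sh
# Hypothetical audit/hardening helper for the fs.suid_dumpable mitigation; not
# from Qualys, Canonical or any cited advisory. Value meanings (kernel docs):
#   0 = processes that changed privilege (SUID) are never dumped   (hardened)
#   1 = "debug":    dumped like any other process                  (exposed)
#   2 = "suidsafe": dumped, readable by root only, still produced  (exposed)

# Explain a suid_dumpable value; return 0 only for the hardened setting.
describe_suid_dumpable() {
    case "$1" in
        0) echo "0: SUID processes are not core dumped (hardened)"; return 0 ;;
        1) echo "1: debug mode, SUID processes dump normally (exposed)"; return 1 ;;
        2) echo "2: suidsafe mode, root-only dumps are still written (exposed)"; return 1 ;;
        *) echo "unrecognised suid_dumpable value '$1'"; return 1 ;;
    esac
}

# Read the live knob (default: the real kernel file). Another path may be
# passed so the logic can be exercised offline on a constructed file.
audit_suid_dumpable() {
    knob="${1:-/proc/sys/fs/suid_dumpable}"
    [ -r "$knob" ] || { echo "cannot read $knob"; return 2; }
    describe_suid_dumpable "$(tr -d '[:space:]' < "$knob")"
}

# Does any given sysctl file pin fs.suid_dumpable to 0 across reboots?
# Defaults to the locations that "sysctl --system" reads.
persistent_setting_present() {
    [ $# -gt 0 ] || set -- /etc/sysctl.d/*.conf /etc/sysctl.conf
    grep -qsE '^[[:space:]]*fs\.suid_dumpable[[:space:]]*=[[:space:]]*0[[:space:]]*$' "$@"
}

# Write a persistent sysctl fragment (file name is an assumption); apply it
# immediately as root with: sysctl --system
write_hardening_fragment() {
    target="${1:-/etc/sysctl.d/60-no-suid-coredumps.conf}"
    printf '# core dump handler races (CVE-2025-5054, CVE-2025-4598)\nfs.suid_dumpable = 0\n' > "$target"
}

# Full report; returns 1 while the running kernel is still exposed.
run_audit() {
    live=0; audit_suid_dumpable || live=$?
    if persistent_setting_present; then echo "persistent: fs.suid_dumpable=0 is pinned"
    else echo "persistent: no sysctl file pins fs.suid_dumpable=0"; fi
    return $live
}
# Only run the report when invoked under this (assumed) script name.
if [ "$(basename -- "$0")" = "suid_dumpable_audit.sh" ]; then run_audit; fi
```

Setting the knob only takes effect for processes started afterwards and does not replace the package updates; apport and systemd-coredump still need patching.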

Summary based on 6 sources
