  • Ubuntu's apport affected by core dump vulnerability, here's how to patch


    Karlston


    When programs crash on Linux, they usually create a core dump containing the program’s memory at crash time to help developers resolve problems. This is crucial for developers so they can address bugs, but right now, the program responsible for creating core dumps in Ubuntu and Ubuntu-based distributions like AnduinOS is vulnerable to a new exploit.

    The bug has been assigned CVE-2025-5054 and has a CVSS score of 4.7 (MEDIUM). It is inherently harder to exploit because it requires local access to the victim’s computer. Qualys, which discovered the fault, showed a demo in which it was able to leak hashed user passwords. While this isn’t great, the real-world impact is limited.

    How the vulnerability works

    Qualys found that when apport analyzes an application crash, it checks whether the crashed process was running inside a container before it performs consistency checks on it. If an attacker manages to crash a privileged process and quickly replace it with another process that has the same process ID and resides in both a mount and a PID namespace, they can get apport to forward the core dump to them via the namespace. The core dump may contain sensitive information from the privileged process.

    Aside from the attacker only being able to perform this locally, they must also have significant permissions to carry out the attack, limiting the damage that the issue can cause.

    What to do about it

    Thankfully, Canonical’s security team has already published updates for apport to fix this issue on all affected Ubuntu releases, including Ubuntu Desktop and Ubuntu Server. If you have unattended upgrades switched on, you may already be patched, but if you’re not sure, just check for and apply the latest updates with this command:

    sudo apt update && sudo apt upgrade

    If you can’t apply all available updates for whatever reason, then you can run these commands to just update apport:

    Ubuntu 20.04 and newer:

    sudo apt update && sudo apt install --only-upgrade apport python3-apport

    Ubuntu 16.04 and Ubuntu 18.04:

    sudo apt update && sudo apt install --only-upgrade apport python3-apport python-apport
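
    One way to handle the "if you’re not sure" case above, as an added example that is not part of the original article: the script compares each apport package's installed version with the candidate version reported by `apt-cache policy`. The function names, the `--live` switch and the sample output with its placeholder version strings are constructed for illustration.

```shell
# Added example (not from the article): report whether the apport packages
# named above still have an upgrade pending, using `apt-cache policy`.

# Classify one package from `apt-cache policy <pkg>` text on stdin. Prints:
#   not-installed | current <version> | upgrade-pending <installed> <candidate>
policy_state() (
    inst='' cand=''
    while read -r key val rest; do
        case $key in
            Installed:) inst=$val ;;
            Candidate:) cand=$val ;;
        esac
    done
    if [ -z "$inst" ] || [ "$inst" = "(none)" ]; then
        echo "not-installed"
    elif [ -z "$cand" ] || [ "$cand" = "(none)" ] || [ "$cand" = "$inst" ]; then
        echo "current $inst"
    else
        echo "upgrade-pending $inst $cand"
    fi
)

# Live check. Run `sudo apt update` first: the candidate version comes from
# the local package index, so a stale index can hide a pending fix.
# Exit status 1 means at least one apport package still needs upgrading.
check_apport() (
    rc=0
    for pkg in apport python3-apport python-apport; do
        state=$(apt-cache policy "$pkg" 2>/dev/null | policy_state)
        printf '%-16s %s\n' "$pkg" "$state"
        case $state in upgrade-pending*) rc=1 ;; esac
    done
    exit "$rc"
)

# Constructed sample of `apt-cache policy apport` output; the version
# strings are placeholders, not real apport releases.
SAMPLE_PENDING='apport:
  Installed: 1.0-0example1
  Candidate: 1.0-0example2
  Version table:
     1.0-0example2 500
 *** 1.0-0example1 100'

case ${1:-} in
    --live) check_apport ;;                               # query this machine
    *) printf '%s\n' "$SAMPLE_PENDING" | policy_state ;;  # offline demo
esac
```

    A "current" result only means no newer version is offered by the repositories this machine is configured to use.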

    Do you need to rush to install this update?

    Given the limited impact of this vulnerability, you’re likely to be fine if you don’t patch right away. With that said, it only takes a couple of minutes to perform the update and it’s good for peace of mind. You may also have more critical updates ready to install that you haven’t noticed, so updating promptly is recommended to catch those too.
