CVE-2025-4598 Systemd-coredump: race condition that allows a local attacker to crash a suid program and gain read access to the resulting core dump

🗓️ 30 May 2025 13:13:26Reported by redhatType

Vulnerability in systemd-coredump allows attacker to access sensitive data via crashed SUID process.

Reporter	Title	Published	Views	Family All 166
IBM Security Bulletins	Security Bulletin: Security vulnerabilities due to SQLite3 (CVE-2025-6965), pam_namespace (CVE-2025-6020), systemd-coredump (CVE-2025-4598) and Perl (CVE-2025-40909) packages shipped with IBM CICS TX Advanced.	9 Sep 202517:43	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to multiple Operator package issues	27 Feb 202615:56	–	ibm
IBM Security Bulletins	Security Bulletin: CVE-2025-4598	19 Nov 202514:34	–	ibm
IBM Security Bulletins	Security Bulletin: IBM App Connect Enterprise Certified Container UBI updates	5 Feb 202612:52	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities exists in IBM Cloud Pak for Data System (CPDS 1.0) - Cyclops.	26 May 202606:40	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Watson Speech Services Cartridge is vulnerable to multiple Base OS issues	27 Feb 202615:52	–	ibm
ATTACKERKB	CVE-2025-4598	30 May 202514:15	–	attackerkb
Tenable Nessus	AlmaLinux 9 : systemd (ALSA-2025:22660)	4 Dec 202500:00	–	nessus
Tenable Nessus	Debian dla-4259 : libnss-myhostname - security update	30 Jul 202500:00	–	nessus
Tenable Nessus	Debian dsa-5931 : libnss-myhostname - security update	29 May 202500:00	–	nessus

[
  {
    "versions": [
      {
        "status": "affected",
        "version": "0",
        "lessThan": "252.37",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "253.0",
        "lessThan": "253.32",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "254.0",
        "lessThan": "254.25",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "255.0",
        "lessThan": "255.19",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "256.0",
        "lessThan": "256.14",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "257.0",
        "lessThan": "257.6",
        "versionType": "semver"
      }
    ],
    "packageName": "systemd-coredump",
    "collectionURL": "https://github.com/systemd/systemd",
    "defaultStatus": "unaffected"
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 10",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "systemd",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:257-23.el10",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:10.2"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "systemd",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:252-55.el9_7.7",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:enterprise_linux:9::appstream",
      "cpe:/o:redhat:enterprise_linux:9::baseos"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "systemd",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "0:252-55.el9_7.7",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:enterprise_linux:9::appstream",
      "cpe:/o:redhat:enterprise_linux:9::baseos"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Ceph Storage 7",
    "collectionURL": "https://catalog.redhat.com/software/containers/",
    "packageName": "rhceph/rhceph-7-rhel9",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "7",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:ceph_storage:7::el9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Ceph Storage 8",
    "collectionURL": "https://catalog.redhat.com/software/containers/",
    "packageName": "rhceph/rhceph-8-rhel9",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "8",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:ceph_storage:8::el9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Ceph Storage 8",
    "collectionURL": "https://catalog.redhat.com/software/containers/",
    "packageName": "rhceph/rhceph-8-rhel9",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "1769512383",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:ceph_storage:8::el9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Discovery 2",
    "collectionURL": "https://catalog.redhat.com/software/containers/",
    "packageName": "discovery/discovery-server-rhel9",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "1767888970",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:discovery:2::el9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Discovery 2",
    "collectionURL": "https://catalog.redhat.com/software/containers/",
    "packageName": "discovery/discovery-ui-rhel9",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "1767904573",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:discovery:2::el9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Insights proxy 1.5",
    "collectionURL": "https://catalog.redhat.com/software/containers/",
    "packageName": "insights-proxy/insights-proxy-container-rhel9",
    "defaultStatus": "affected",
    "versions": [
      {
        "version": "1.5.9-1765201856",
        "lessThan": "*",
        "versionType": "rpm",
        "status": "unaffected"
      }
    ],
    "cpes": [
      "cpe:/a:redhat:insights_proxy:1.5::el9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 10",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "NetworkManager",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:10"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 10",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "rpm-ostree",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:10"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 7",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "NetworkManager",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:7"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 7",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "systemd",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:7"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "systemd",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:8"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "NetworkManager",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:9"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat OpenShift Container Platform 4",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "rhcos",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/a:redhat:openshift:4"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat OpenShift Container Platform 4",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "systemd",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/a:redhat:openshift:4"
    ]
  }
]

Source	Link
access	www.access.redhat.com/errata/RHSA-2026:18153
openwall	www.openwall.com/lists/oss-security/2025/05/29/3
access	www.access.redhat.com/errata/RHSA-2025:23234
access	www.access.redhat.com/security/cve/CVE-2025-4598
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
access	www.access.redhat.com/errata/RHSA-2025:22868
access	www.access.redhat.com/errata/RHSA-2025:23227
access	www.access.redhat.com/errata/RHSA-2025:22660
access	www.access.redhat.com/errata/RHSA-2026:0414
access	www.access.redhat.com/errata/RHSA-2026:1652

02 Jun 2026 15:37Current

CVSS 3.14.7

EPSS0.00112

CWE-364