1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 5931-1] systemd security update

    From Salvatore Bonaccorso@21:1/5 to All on Thu May 29 23:40:01 2025
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-5931-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso
    May 29, 2025 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : systemd
    CVE ID : CVE-2025-4598
    Debian Bug : 1106785

    The Qualys Threat Research Unit (TRU) discovered that systemd-coredump
    is prone to a kill-and-replace race condition which may allow a local
    attacker to gain sensitive information from crashed SUID processes. Additionally systemd-coredump does not specify %d (the kernel's per-
    process "dumpable" flag) in /proc/sys/kernel/core_pattern allowing a
    local attacker to crash root daemons that fork() and setuid() to the
    attacker's uid and consequently gain read access to the resulting core
    dumps and therefore to sensitive information from memory of the root
    daemons.

    Details can be found in the Qualys advisory at https://www.qualys.com/2025/05/29/apport-coredump/apport-coredump.txt

    For the stable distribution (bookworm), this problem has been fixed in
    version 252.38-1~deb12u1.

    We recommend that you upgrade your systemd packages.

    For the detailed security status of systemd please refer to its security tracker page at:
    https://security-tracker.debian.org/tracker/systemd

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmg4zJ1fFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0S06RAAheycxs4GouWiVJpbNPHg8R7c4gTaU/l3fyED5z/yzgineHlcxF+UVtPU i1ZkBz3amPnyVdtZiRA6n+U3RyJtPQfYjP9p18wYZ+3KCkW73jkrtC3+VJAXskZq IZheydwIig6RcYJbM0SW7VpCLIB2Nw89ZH4oZRy5YyBu0nqWfFbDmaJc1+GZyHHF ILhpt75Aajx16Io8cHlGusQy7gN/n3FmM6PX2ETdkhKr6swMdZClja9jQmv0dh7s O0Sh/kMNGi+Ki+J+YeA72liY/P+TPsgMShPk7hD0yT/e/dmaiEnoyM0vPNKKRruy 7ESI15HFQP+DbrrzGjKYT3RMI7+3/tqyr29Y/MKBw6Bx+hGiI7rOsvmVo0iLS8aP J7X2g/qB+DK8LKPux6t32bY3xJMpAFX/ezgAJciaBUSVkrRctxZJfMERhCFSqiZf dqieq+Dh2k3/fNUca5cIMiDcUeEjR2SeXXusRqKgrxGjHplAFRWUidfAA8E/09+g jZrzdkwakoB/lL8pQqFMAcc5O9ocetnrjAod4tVFjbTx7+wrmSBJXxMehjc3MSM2 sz4J/Om8JCc18EJutZY8wCoh20i60iJaF1GiUnQCLJdybGhWZrHSUCJ/3cMJVrLa K0aGYg3WUKS1MEopM3etxD9v7R3JqhztD6kmcGVYlspI/bgqVTE=
    =545t
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)