PT-2025-23218 · Canonical+1 · Apport+2

Published: 2025-05-29 · Updated: 2025-09-22 · CVE-2025-5054

CVSS v3.1: 4.7 (Medium)

Vector: AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Canonical apport versions up to and including 2.32.0

Description

A race condition in Canonical apport allows a local attacker to leak sensitive information via PID-reuse by leveraging namespaces. The issue arises when handling a crash, as the function _check_global_pid_and_forward is called before consistency_checks, potentially allowing apport to forward the core dump to a container and leak sensitive information. To address this, consistency_checks is now called before _check_global_pid_and_forward. Additionally, crashes are only forwarded to containers if the kernel provided a pidfd or if the crashing process was unprivileged.

Recommendations

For versions up to and including 2.32.0, update to a version where consistency_checks is called before _check_global_pid_and_forward and crashes are only forwarded to containers under specific conditions. As a temporary workaround, consider restricting the use of the _check_global_pid_and_forward function until a patch is available. Avoid using the dump mode parameter in a way that could allow privileged crashes to be forwarded to containers.

Exploit

Fix

Information Disclosure

Race Condition

Weakness Enumeration

Related Identifiers

BDU:2025-06517
CVE-2025-5054
USN-7545-1
USN-7545-2
USN-7545-3
USN-7545-4

Affected Products

Linuxmint
Ubuntu
Apport