Race Condition in Canonical Apport 2.32.0 leaks info via PID reuse
CVE-2025-5054 Published on May 30, 2025
Race Condition in Canonical Apport
Race condition in Canonical apport up to and including 2.32.0 allows a local attacker to leak sensitive information via PID-reuse by leveraging namespaces.
When handling a crash, the function `_check_global_pid_and_forward`, which detects if the crashing process resided in a container, was being called before `consistency_checks`, which attempts to detect if the crashing process had been replaced. Because of this, if a process crashed and was quickly replaced with a containerized one, apport could be made to forward the core dump to the container, potentially leaking sensitive information. `consistency_checks` is now being called before `_check_global_pid_and_forward`. Additionally, given that the PID-reuse race condition cannot be reliably detected from userspace alone, crashes are only forwarded to containers if the kernel provided a pidfd, or if the crashing process was unprivileged (i.e., if dump mode == 1).
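The ordering bug and its fix, as an added Python model that is not apport's code: a dict stands in for /proc, a start-time comparison stands in for `consistency_checks`, and `in_container` stands in for the container detection inside `_check_global_pid_and_forward`; the PID, start times and dump modes are constructed sample values.

```python
# Constructed model of the apport decision order behind CVE-2025-5054, not apport's code.
# PROCS stands in for /proc; Crash stands in for what the core_pattern handler gives apport.
from dataclasses import dataclass

@dataclass
class Proc:
    start_time: int      # start time of the process currently owning this PID
    in_container: bool   # process lives in a non-root PID namespace

@dataclass
class Crash:
    pid: int
    start_time: int      # start time recorded for the process that actually crashed
    dump_mode: int       # 1 = unprivileged dump, 2 = privileged (e.g. setuid) dump
    has_pidfd: bool      # kernel supplied a pidfd, which pins the process identity

def consistency_checks(crash, procs):
    """True if crash.pid still belongs to the process that crashed (no PID reuse)."""
    proc = procs.get(crash.pid)
    return proc is not None and proc.start_time == crash.start_time

def in_container(crash, procs):
    """Stand-in for the container detection in _check_global_pid_and_forward."""
    proc = procs.get(crash.pid)
    return proc is not None and proc.in_container

def vulnerable_handle(crash, procs):
    """Pre-fix order: container detection (and forwarding) before consistency_checks."""
    if in_container(crash, procs):
        return "forwarded_to_container"
    return "handled_on_host" if consistency_checks(crash, procs) else "dropped"

def fixed_handle(crash, procs):
    """Fixed order: consistency_checks first; forward only with a pidfd or dump_mode 1."""
    if not consistency_checks(crash, procs):
        return "dropped"
    if in_container(crash, procs):
        allowed = crash.has_pidfd or crash.dump_mode == 1
        return "forwarded_to_container" if allowed else "dropped"
    return "handled_on_host"

# Constructed race: a privileged host process at PID 4242 crashes, and the PID is
# reused by a containerized process before apport runs its checks.
CRASH = Crash(pid=4242, start_time=100, dump_mode=2, has_pidfd=False)
PROCS_AFTER_REUSE = {4242: Proc(start_time=105, in_container=True)}
# Same race, but the reuse is invisible to the start-time comparison, so only the
# pidfd / dump_mode guard stops the privileged dump from reaching the container.
PROCS_UNDETECTABLE = {4242: Proc(start_time=100, in_container=True)}
```

The second scenario is why the fix adds the pidfd / dump-mode guard on top of the reordering: when userspace cannot tell the PID was reused, a privileged dump is simply not forwarded.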
Vulnerability Analysis
CVE-2025-5054 is exploitable with local system access and requires a small amount of user privileges. This vulnerability is considered to have a high level of attack complexity. A public proof-of-concept (PoC) exploit exists for CVE-2025-5054. The potential impact of an exploit of this vulnerability is considered high for confidentiality, with no impact on integrity or availability.
Weakness Type
What is a Race Condition Vulnerability?
The program contains a code sequence that can run concurrently with other code, and the code sequence requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence that is operating concurrently.
CVE-2025-5054 has been classified as a Race Condition vulnerability or weakness.
Products Associated with CVE-2025-5054
Affected Versions
Canonical Apport:
- Version 2.20.1 and below 2.20.1-0ubuntu2.30+esm5 is affected.
- Version 2.20.9 and below 2.20.9-0ubuntu7.29+esm1 is affected.
- Version 2.20.11 and below 2.20.11-0ubuntu27.28 is affected.
- Version 2.20.11 and below 2.20.11-0ubuntu82.7 is affected.
- Version 2.28.1 and below 2.28.1-0ubuntu3.6 is affected.
- Version 2.30.0 and below 2.30.0-0ubuntu4.3 is affected.
- Version 2.32.0 and below 2.32.0-0ubuntu5.1 is affected.
- Version 2.32.0 and below 2.33.0-0ubuntu1 is affected.
- Version 2.20, <= 2.32.0 is affected.
Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.