How severe is CVE-2025-4598?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 4.7 out of 10.

What type of vulnerability is CVE-2025-4598?

This is classified as CWE-364, which is a common weakness in software security.

CVE-2025-4598

MEDIUM Year: 2025

CVSS v3 Score

4.7

Medium

Weakness Type

CWE-364

View all →

Vulnerability Description

A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.

CVE-2019-3805

MEDIUM

CVSS:5.5(Medium)

A flaw was discovered in wildfly versions up to 16.0.0.Final that would allow local users who are able to execute init.d script to terminate arbitrary processes on the system. An attacker could exploi...

CWE-3642019

CVE-2020-14317

MEDIUM

CVSS:5.5(Medium)

It was found that the issue for security flaw CVE-2019-3805 appeared again in a further version of JBoss Enterprise Application Platform - Continuous Delivery (EAP-CD) introducing regression. An attac...

CWE-3642020

CVE-2023-1285

MEDIUM

CVSS:5.9(Medium)

Signal Handler Race Condition vulnerability in Mitsubishi Electric India GC-ENET-COM whose first 2 digits of 11-digit serial number of unit are "16" allows a remote unauthenticated attacker to cause a...

CWE-3642023

CVE-2023-5676

MEDIUM

CVSS:5.9(Medium)

In Eclipse OpenJ9 before version 0.41.0, the JVM can be forced into an infinite busy hang on a spinlock or a segmentation fault if a shutdown signal (SIGTERM, SIGINT or SIGHUP) is received before the ...

CWE-3642023

CVE-2024-6387

HIGH

CVSS:8.1(High)

A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote at...

CWE-3642024

CVE-2024-6409

HIGH

CVSS:7.0(High)

A race condition vulnerability was discovered in how signals are handled by OpenSSH's server (sshd). If a remote attacker does not authenticate within a set time period, then sshd's SIGALRM handler is...

CWE-3642024

CVE-2025-4598

Vulnerability Description

Related Vulnerabilities

CVE-2019-3805

CVE-2020-14317

CVE-2023-1285

CVE-2023-5676

CVE-2024-6387

CVE-2024-6409