Race condition in Canonical apport up to and including 2.32.0 allows a local attacker to leak sensitive information via PID-reuse by leveraging namespaces. When handling a crash, the function `_check_global_pid_and_forward`, which detects if the crashing process resided in a container, was being called before `consistency_checks`, which attempts to detect if the crashing process had been replaced. Because of this, if a process crashed and was quickly replaced with a containerized one, apport could be made to forward the core dump to the container, potentially leaking sensitive information. `consistency_checks` is now being called before `_check_global_pid_and_forward`. Additionally, given that the PID-reuse race condition cannot be reliably detected from userspace alone, crashes are only forwarded to containers if the kernel provided a pidfd, or if the crashing process was unprivileged (i.e., if dump mode == 1).
Conclusion & alert: CVE-2025-5054 is rated Exploit Available (50/100): CVSS Medium severity, with low exploitation likelihood (EPSS 0.01%). Core evidence: 1 public exploit reference(s) are indexed (Exploit-DB). Mandatory action: Public exploits are available—assess exposure, apply mitigations, and prioritize patching.
Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.
| EDB-ID | Source | Kind | Published | Link |
|---|---|---|---|---|
| — | nvd_ref | exploit_tag | Exploit-DB ↗ |
EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).
| # | Date | Old EPSS score | New EPSS score | Delta (New - Old) |
|---|---|---|---|---|
| 1 | 2025-05-31 | — | 0.01% | — |
Full EPSS history (1 record total)
CVSS metrics for this CVE.
| Base score | Version | Severity | Vector | Exploitability | Impact | Score source |
|---|---|---|---|---|---|---|
| 4.7 | 3.1 | MEDIUM |
|
1.0 | 3.6 | [email protected] |
| vendor | priority | summary | link |
|---|---|---|---|
ubuntu
|
medium | CVE-2025-5054 medium priority: Ubuntu including 1 source packages (apport), 9 status rows across 9 suites (bionic, focal, jammy, noble, oracular, plucky, trusty, upstream, xenial): released 8, not-affected 1. | https://ubuntu.com/security/CVE-2025-5054 |
| Vendor | Product | Version | Raw CPE |
|---|---|---|---|
| canonical | apport | <= 2.32.0 | cpe:2.3:a:canonical:apport:*:*:*:*:*:*:*:* |
| canonical | ubuntu_linux | 16.04 | cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:* |
| canonical | ubuntu_linux | 18.04 | cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:* |
| canonical | ubuntu_linux | 20.04 | cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:* |
| canonical | ubuntu_linux | 22.04 | cpe:2.3:o:canonical:ubuntu_linux:22.04:*:*:*:lts:*:*:* |
| canonical | ubuntu_linux | 24.04 | cpe:2.3:o:canonical:ubuntu_linux:24.04:*:*:*:lts:*:*:* |
| canonical | ubuntu_linux | 24.10 | cpe:2.3:o:canonical:ubuntu_linux:24.10:*:*:*:*:*:*:* |
| canonical | ubuntu_linux | 25.04 | cpe:2.3:o:canonical:ubuntu_linux:25.04:*:*:*:*:*:*:* |
| URL | Tags |
|---|---|
| https://ubuntu.com/security/CVE-2025-5054 | Third Party Advisory |
| https://ubuntu.com/security/notices/USN-7545-1 | Third Party Advisory |
| https://www.qualys.com/2025/05/29/apport-coredump/apport-coredump.txt | Exploit Mitigation Third Party Advisory |
| http://seclists.org/fulldisclosure/2025/Jun/9 |