<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
  <channel>
    <title>CVE_2025_4598 on Detection.FYI</title>
    <link>https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve_2025_4598/</link>
    <description>Recent content in CVE_2025_4598 on Detection.FYI</description>
    <generator>Hugo -- gohugo.io</generator>
    <copyright> </copyright>
    <lastBuildDate>Tue, 28 Apr 2026 23:20:23 +0000</lastBuildDate><atom:link href="https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve_2025_4598/index.xml" rel="self" type="application/rss+xml" />
    <item>
      <title>Potential Exploitation of CVE-2025-5054 or CVE-2025-4598</title>
      <link>https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve_2025_4598/proc_creation_lnx_exploit_cve_2025_5054_or_cve_2025_4598/</link>
      <pubDate>Tue, 28 Apr 2026 23:20:23 +0000</pubDate>
      
      <guid>https://detection.fyi/sigmahq/sigma/emerging-threats/2025/exploits/cve_2025_4598/proc_creation_lnx_exploit_cve_2025_5054_or_cve_2025_4598/</guid>
      <description>
        
          
            Detects attempts by an attacker to enable core dumps for set-user-ID (SUID) processes by modifying the system file /proc/sys/fs/suid_dumpable, typically by setting its value to 1 or 2.
Enabling this feature allows memory dumps (core dumps) of SUID processes, which usually run with elevated privileges.
These dumps may contain sensitive information such as passwords, cryptographic keys or other secrets.
CVE-2025-5054: Information leak via core dumps from SUID binaries using apport.
CVE-2025-4598: Information disclosure in systemd-coredump due to insecure handling of SUID process memory dumps.

          
          
        
      </description>
    </item>
    
  </channel>
</rss>
