{ "summary": { "snap": { "added": [], "removed": [], "diff": [] }, "deb": { "added": [], "removed": [], "diff": [ "apport", "apport-core-dump-handler", "cloud-init", "libnss-systemd", "libpam-systemd", "libsystemd-shared", "libsystemd0", "libtraceevent1", "libtraceevent1-plugin", "libudev1", "openssh-client", "openssh-server", "openssh-sftp-server", "python3-apport", "python3-problem-report", "systemd", "systemd-dev", "systemd-resolved", "systemd-sysv", "systemd-timesyncd", "udev", "update-notifier-common" ] } }, "diff": { "deb": [ { "name": "apport", "from_version": { "source_package_name": "apport", "source_package_version": "2.28.1-0ubuntu3.6", "version": "2.28.1-0ubuntu3.6" }, "to_version": { "source_package_name": "apport", "source_package_version": "2.28.1-0ubuntu3.7", "version": "2.28.1-0ubuntu3.7" }, "cves": [], "launchpad_bugs_fixed": [ 2112272 ], "changes": [ { "cves": [], "log": [ "", " * SECURITY REGRESSION: apport not generating core dumps inside containers", " (LP: #2112272)", " - d/p/check-exe-mtime.patch: Check the exe mtime within the proc root", " mount.", "" ], "package": "apport", "version": "2.28.1-0ubuntu3.7", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [ 2112272 ], "author": "Octavio Galland ", "date": "Wed, 04 Jun 2025 15:59:08 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "apport-core-dump-handler", "from_version": { "source_package_name": "apport", "source_package_version": "2.28.1-0ubuntu3.6", "version": "2.28.1-0ubuntu3.6" }, "to_version": { "source_package_name": "apport", "source_package_version": "2.28.1-0ubuntu3.7", "version": "2.28.1-0ubuntu3.7" }, "cves": [], "launchpad_bugs_fixed": [ 2112272 ], "changes": [ { "cves": [], "log": [ "", " * SECURITY REGRESSION: apport not generating core dumps inside containers", " (LP: #2112272)", " - d/p/check-exe-mtime.patch: Check the exe mtime within the proc root", " mount.", "" ], "package": "apport", "version": "2.28.1-0ubuntu3.7", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [ 2112272 ], "author": "Octavio Galland ", "date": "Wed, 04 Jun 2025 15:59:08 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "cloud-init", "from_version": { "source_package_name": "cloud-init", "source_package_version": "24.4.1-0ubuntu0~24.04.3", "version": "24.4.1-0ubuntu0~24.04.3" }, "to_version": { "source_package_name": "cloud-init", "source_package_version": "25.1.2-0ubuntu0~24.04.1", "version": "25.1.2-0ubuntu0~24.04.1" }, "cves": [], "launchpad_bugs_fixed": [ 2104165, 2100963 ], "changes": [ { "cves": [], "log": [ "", " * Upstream snapshot based on 25.1.2. (LP: #2104165).", " List of changes from upstream can be found at", " https://raw.githubusercontent.com/canonical/cloud-init/25.1.2/ChangeLog", "" ], "package": "cloud-init", "version": "25.1.2-0ubuntu0~24.04.1", "urgency": "medium", "distributions": "noble", "launchpad_bugs_fixed": [ 2104165 ], "author": "James Falcon ", "date": "Mon, 19 May 2025 15:00:58 -0500" }, { "cves": [], "log": [ "", " * Drop cpicks which are now upstream:", " - cpick-d75840be-fix-retry-AWS-hotplug-for-async-IMDS-5995", " - cpick-84806336-chore-Add-feature-flag-for-manual-network-waiting", " - d/p/cpick-c60771d8-test-pytestify-test_url_helper.py", " - d/p/cpick-8810a2dc-test-Remove-CiTestCase-from-test_url_helper.py", " - d/p/cpick-582f16c1-test-add-OauthUrlHelper-tests", " - d/p/cpick-9311e066-fix-Update-OauthUrlHelper-to-use-readurl-exception_cb", " * refresh patches", " - d/p/deprecation-version-boundary.patch", " - d/p/grub-dpkg-support.patch", " - d/p/no-nocloud-network.patch", " - d/p/no-single-process.patch", " * sort hunks within all patches (--sort on quilt refresh)", " * Upstream snapshot based on 25.1.1.", " List of changes from upstream can be found at", " https://raw.githubusercontent.com/canonical/cloud-init/25.1.1/ChangeLog", "" ], "package": "cloud-init", "version": "25.1.1-0ubuntu1~24.04.1", "urgency": "medium", "distributions": "noble", "launchpad_bugs_fixed": [], "author": "Chad Smith ", "date": "Tue, 25 Mar 2025 11:02:28 -0600" }, { "cves": [], "log": [ "", " * cherry-pick fixes for MAAS traceback (LP: #2100963)", " - cherry-pick c60771d8: test: pytestify test_url_helper.py", " - cherry-pick 8810a2dc: test: Remove CiTestCase from", " test_url_helper.py", " - cherry-pick 582f16c1: test: add OauthUrlHelper tests", " - cherry-pick 9311e066: fix: Update OauthUrlHelper to use readurl", " exception_cb", "" ], "package": "cloud-init", "version": "24.4.1-0ubuntu0~20.04.2", "urgency": "medium", "distributions": "noble", "launchpad_bugs_fixed": [ 2100963 ], "author": "James Falcon ", "date": "Thu, 13 Mar 2025 11:28:57 -0500" } ], "notes": null, "is_version_downgrade": false }, { "name": "libnss-systemd", "from_version": { "source_package_name": "systemd", "source_package_version": "255.4-1ubuntu8.6", "version": "255.4-1ubuntu8.6" }, "to_version": { "source_package_name": "systemd", "source_package_version": "255.4-1ubuntu8.8", "version": "255.4-1ubuntu8.8" }, "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: race condition in systemd-coredump", " - debian/patches/CVE_2025_4598_1.patch: coredump: get rid of", " _META_MANDATORY_MAX.", " - debian/patches/CVE_2025_4598_2.patch: coredump: use %d in kernel core", " pattern.", " - debian/patches/CVE_2025_4598_3.patch: coredump: also stop forwarding", " non-dumpable processes.", " - debian/patches/CVE_2025_4598_4.patch: coredump: get rid of a bogus", " assertion.", " - CVE-2025-4598", " * this update does not include the changes from 255.4-1ubuntu8.7 as included in noble-proposed", "" ], "package": "systemd", "version": "255.4-1ubuntu8.8", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Octavio Galland ", "date": "Wed, 04 Jun 2025 09:24:15 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "libpam-systemd", "from_version": { "source_package_name": "systemd", "source_package_version": "255.4-1ubuntu8.6", "version": "255.4-1ubuntu8.6" }, "to_version": { "source_package_name": "systemd", "source_package_version": "255.4-1ubuntu8.8", "version": "255.4-1ubuntu8.8" }, "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: race condition in systemd-coredump", " - debian/patches/CVE_2025_4598_1.patch: coredump: get rid of", " _META_MANDATORY_MAX.", " - debian/patches/CVE_2025_4598_2.patch: coredump: use %d in kernel core", " pattern.", " - debian/patches/CVE_2025_4598_3.patch: coredump: also stop forwarding", " non-dumpable processes.", " - debian/patches/CVE_2025_4598_4.patch: coredump: get rid of a bogus", " assertion.", " - CVE-2025-4598", " * this update does not include the changes from 255.4-1ubuntu8.7 as included in noble-proposed", "" ], "package": "systemd", "version": "255.4-1ubuntu8.8", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Octavio Galland ", "date": "Wed, 04 Jun 2025 09:24:15 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "libsystemd-shared", "from_version": { "source_package_name": "systemd", "source_package_version": "255.4-1ubuntu8.6", "version": "255.4-1ubuntu8.6" }, "to_version": { "source_package_name": "systemd", "source_package_version": "255.4-1ubuntu8.8", "version": "255.4-1ubuntu8.8" }, "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: race condition in systemd-coredump", " - debian/patches/CVE_2025_4598_1.patch: coredump: get rid of", " _META_MANDATORY_MAX.", " - debian/patches/CVE_2025_4598_2.patch: coredump: use %d in kernel core", " pattern.", " - debian/patches/CVE_2025_4598_3.patch: coredump: also stop forwarding", " non-dumpable processes.", " - debian/patches/CVE_2025_4598_4.patch: coredump: get rid of a bogus", " assertion.", " - CVE-2025-4598", " * this update does not include the changes from 255.4-1ubuntu8.7 as included in noble-proposed", "" ], "package": "systemd", "version": "255.4-1ubuntu8.8", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Octavio Galland ", "date": "Wed, 04 Jun 2025 09:24:15 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "libsystemd0", "from_version": { "source_package_name": "systemd", "source_package_version": "255.4-1ubuntu8.6", "version": "255.4-1ubuntu8.6" }, "to_version": { "source_package_name": "systemd", "source_package_version": "255.4-1ubuntu8.8", "version": "255.4-1ubuntu8.8" }, "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: race condition in systemd-coredump", " - debian/patches/CVE_2025_4598_1.patch: coredump: get rid of", " _META_MANDATORY_MAX.", " - debian/patches/CVE_2025_4598_2.patch: coredump: use %d in kernel core", " pattern.", " - debian/patches/CVE_2025_4598_3.patch: coredump: also stop forwarding", " non-dumpable processes.", " - debian/patches/CVE_2025_4598_4.patch: coredump: get rid of a bogus", " assertion.", " - CVE-2025-4598", " * this update does not include the changes from 255.4-1ubuntu8.7 as included in noble-proposed", "" ], "package": "systemd", "version": "255.4-1ubuntu8.8", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Octavio Galland ", "date": "Wed, 04 Jun 2025 09:24:15 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "libtraceevent1", "from_version": { "source_package_name": "libtraceevent", "source_package_version": "1:1.8.2-1ubuntu2", "version": "1:1.8.2-1ubuntu2" }, "to_version": { "source_package_name": "libtraceevent", "source_package_version": "1:1.8.2-1ubuntu2.1", "version": "1:1.8.2-1ubuntu2.1" }, "cves": [], "launchpad_bugs_fixed": [ 2062118, 2101149 ], "changes": [ { "cves": [], "log": [ "", " * Set default file_bigendian in struct tep_handle", " - d/p/0004-fix-file-endianness.patch: make file_bigendian the same", " as host_bignendian in tep_alloc() (LP: #2062118), (LP: #2101149)", "" ], "package": "libtraceevent", "version": "1:1.8.2-1ubuntu2.1", "urgency": "medium", "distributions": "noble", "launchpad_bugs_fixed": [ 2062118, 2101149 ], "author": "Pragyansh Chaturvedi ", "date": "Fri, 07 Mar 2025 18:47:32 +0530" } ], "notes": null, "is_version_downgrade": false }, { "name": "libtraceevent1-plugin", "from_version": { "source_package_name": "libtraceevent", "source_package_version": "1:1.8.2-1ubuntu2", "version": "1:1.8.2-1ubuntu2" }, "to_version": { "source_package_name": "libtraceevent", "source_package_version": "1:1.8.2-1ubuntu2.1", "version": "1:1.8.2-1ubuntu2.1" }, "cves": [], "launchpad_bugs_fixed": [ 2062118, 2101149 ], "changes": [ { "cves": [], "log": [ "", " * Set default file_bigendian in struct tep_handle", " - d/p/0004-fix-file-endianness.patch: make file_bigendian the same", " as host_bignendian in tep_alloc() (LP: #2062118), (LP: #2101149)", "" ], "package": "libtraceevent", "version": "1:1.8.2-1ubuntu2.1", "urgency": "medium", "distributions": "noble", "launchpad_bugs_fixed": [ 2062118, 2101149 ], "author": "Pragyansh Chaturvedi ", "date": "Fri, 07 Mar 2025 18:47:32 +0530" } ], "notes": null, "is_version_downgrade": false }, { "name": "libudev1", "from_version": { "source_package_name": "systemd", "source_package_version": "255.4-1ubuntu8.6", "version": "255.4-1ubuntu8.6" }, "to_version": { "source_package_name": "systemd", "source_package_version": "255.4-1ubuntu8.8", "version": "255.4-1ubuntu8.8" }, "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: race condition in systemd-coredump", " - debian/patches/CVE_2025_4598_1.patch: coredump: get rid of", " _META_MANDATORY_MAX.", " - debian/patches/CVE_2025_4598_2.patch: coredump: use %d in kernel core", " pattern.", " - debian/patches/CVE_2025_4598_3.patch: coredump: also stop forwarding", " non-dumpable processes.", " - debian/patches/CVE_2025_4598_4.patch: coredump: get rid of a bogus", " assertion.", " - CVE-2025-4598", " * this update does not include the changes from 255.4-1ubuntu8.7 as included in noble-proposed", "" ], "package": "systemd", "version": "255.4-1ubuntu8.8", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Octavio Galland ", "date": "Wed, 04 Jun 2025 09:24:15 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "openssh-client", "from_version": { "source_package_name": "openssh", "source_package_version": "1:9.6p1-3ubuntu13.11", "version": "1:9.6p1-3ubuntu13.11" }, "to_version": { "source_package_name": "openssh", "source_package_version": "1:9.6p1-3ubuntu13.12", "version": "1:9.6p1-3ubuntu13.12" }, "cves": [], "launchpad_bugs_fixed": [ 2069041 ], "changes": [ { "cves": [], "log": [ "", " * d/p/sshd-socket-generator.patch: add note to sshd_config", " Explain that a systemctl daemon-reload is needed for changes", " to Port et al to take effect.", " (LP: #2069041)", "" ], "package": "openssh", "version": "1:9.6p1-3ubuntu13.12", "urgency": "medium", "distributions": "noble", "launchpad_bugs_fixed": [ 2069041 ], "author": "Nick Rosbrook ", "date": "Tue, 29 Apr 2025 10:57:04 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "openssh-server", "from_version": { "source_package_name": "openssh", "source_package_version": "1:9.6p1-3ubuntu13.11", "version": "1:9.6p1-3ubuntu13.11" }, "to_version": { "source_package_name": "openssh", "source_package_version": "1:9.6p1-3ubuntu13.12", "version": "1:9.6p1-3ubuntu13.12" }, "cves": [], "launchpad_bugs_fixed": [ 2069041 ], "changes": [ { "cves": [], "log": [ "", " * d/p/sshd-socket-generator.patch: add note to sshd_config", " Explain that a systemctl daemon-reload is needed for changes", " to Port et al to take effect.", " (LP: #2069041)", "" ], "package": "openssh", "version": "1:9.6p1-3ubuntu13.12", "urgency": "medium", "distributions": "noble", "launchpad_bugs_fixed": [ 2069041 ], "author": "Nick Rosbrook ", "date": "Tue, 29 Apr 2025 10:57:04 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "openssh-sftp-server", "from_version": { "source_package_name": "openssh", "source_package_version": "1:9.6p1-3ubuntu13.11", "version": "1:9.6p1-3ubuntu13.11" }, "to_version": { "source_package_name": "openssh", "source_package_version": "1:9.6p1-3ubuntu13.12", "version": "1:9.6p1-3ubuntu13.12" }, "cves": [], "launchpad_bugs_fixed": [ 2069041 ], "changes": [ { "cves": [], "log": [ "", " * d/p/sshd-socket-generator.patch: add note to sshd_config", " Explain that a systemctl daemon-reload is needed for changes", " to Port et al to take effect.", " (LP: #2069041)", "" ], "package": "openssh", "version": "1:9.6p1-3ubuntu13.12", "urgency": "medium", "distributions": "noble", "launchpad_bugs_fixed": [ 2069041 ], "author": "Nick Rosbrook ", "date": "Tue, 29 Apr 2025 10:57:04 -0400" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-apport", "from_version": { "source_package_name": "apport", "source_package_version": "2.28.1-0ubuntu3.6", "version": "2.28.1-0ubuntu3.6" }, "to_version": { "source_package_name": "apport", "source_package_version": "2.28.1-0ubuntu3.7", "version": "2.28.1-0ubuntu3.7" }, "cves": [], "launchpad_bugs_fixed": [ 2112272 ], "changes": [ { "cves": [], "log": [ "", " * SECURITY REGRESSION: apport not generating core dumps inside containers", " (LP: #2112272)", " - d/p/check-exe-mtime.patch: Check the exe mtime within the proc root", " mount.", "" ], "package": "apport", "version": "2.28.1-0ubuntu3.7", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [ 2112272 ], "author": "Octavio Galland ", "date": "Wed, 04 Jun 2025 15:59:08 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "python3-problem-report", "from_version": { "source_package_name": "apport", "source_package_version": "2.28.1-0ubuntu3.6", "version": "2.28.1-0ubuntu3.6" }, "to_version": { "source_package_name": "apport", "source_package_version": "2.28.1-0ubuntu3.7", "version": "2.28.1-0ubuntu3.7" }, "cves": [], "launchpad_bugs_fixed": [ 2112272 ], "changes": [ { "cves": [], "log": [ "", " * SECURITY REGRESSION: apport not generating core dumps inside containers", " (LP: #2112272)", " - d/p/check-exe-mtime.patch: Check the exe mtime within the proc root", " mount.", "" ], "package": "apport", "version": "2.28.1-0ubuntu3.7", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [ 2112272 ], "author": "Octavio Galland ", "date": "Wed, 04 Jun 2025 15:59:08 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "systemd", "from_version": { "source_package_name": "systemd", "source_package_version": "255.4-1ubuntu8.6", "version": "255.4-1ubuntu8.6" }, "to_version": { "source_package_name": "systemd", "source_package_version": "255.4-1ubuntu8.8", "version": "255.4-1ubuntu8.8" }, "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: race condition in systemd-coredump", " - debian/patches/CVE_2025_4598_1.patch: coredump: get rid of", " _META_MANDATORY_MAX.", " - debian/patches/CVE_2025_4598_2.patch: coredump: use %d in kernel core", " pattern.", " - debian/patches/CVE_2025_4598_3.patch: coredump: also stop forwarding", " non-dumpable processes.", " - debian/patches/CVE_2025_4598_4.patch: coredump: get rid of a bogus", " assertion.", " - CVE-2025-4598", " * this update does not include the changes from 255.4-1ubuntu8.7 as included in noble-proposed", "" ], "package": "systemd", "version": "255.4-1ubuntu8.8", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Octavio Galland ", "date": "Wed, 04 Jun 2025 09:24:15 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "systemd-dev", "from_version": { "source_package_name": "systemd", "source_package_version": "255.4-1ubuntu8.6", "version": "255.4-1ubuntu8.6" }, "to_version": { "source_package_name": "systemd", "source_package_version": "255.4-1ubuntu8.8", "version": "255.4-1ubuntu8.8" }, "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: race condition in systemd-coredump", " - debian/patches/CVE_2025_4598_1.patch: coredump: get rid of", " _META_MANDATORY_MAX.", " - debian/patches/CVE_2025_4598_2.patch: coredump: use %d in kernel core", " pattern.", " - debian/patches/CVE_2025_4598_3.patch: coredump: also stop forwarding", " non-dumpable processes.", " - debian/patches/CVE_2025_4598_4.patch: coredump: get rid of a bogus", " assertion.", " - CVE-2025-4598", " * this update does not include the changes from 255.4-1ubuntu8.7 as included in noble-proposed", "" ], "package": "systemd", "version": "255.4-1ubuntu8.8", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Octavio Galland ", "date": "Wed, 04 Jun 2025 09:24:15 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "systemd-resolved", "from_version": { "source_package_name": "systemd", "source_package_version": "255.4-1ubuntu8.6", "version": "255.4-1ubuntu8.6" }, "to_version": { "source_package_name": "systemd", "source_package_version": "255.4-1ubuntu8.8", "version": "255.4-1ubuntu8.8" }, "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: race condition in systemd-coredump", " - debian/patches/CVE_2025_4598_1.patch: coredump: get rid of", " _META_MANDATORY_MAX.", " - debian/patches/CVE_2025_4598_2.patch: coredump: use %d in kernel core", " pattern.", " - debian/patches/CVE_2025_4598_3.patch: coredump: also stop forwarding", " non-dumpable processes.", " - debian/patches/CVE_2025_4598_4.patch: coredump: get rid of a bogus", " assertion.", " - CVE-2025-4598", " * this update does not include the changes from 255.4-1ubuntu8.7 as included in noble-proposed", "" ], "package": "systemd", "version": "255.4-1ubuntu8.8", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Octavio Galland ", "date": "Wed, 04 Jun 2025 09:24:15 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "systemd-sysv", "from_version": { "source_package_name": "systemd", "source_package_version": "255.4-1ubuntu8.6", "version": "255.4-1ubuntu8.6" }, "to_version": { "source_package_name": "systemd", "source_package_version": "255.4-1ubuntu8.8", "version": "255.4-1ubuntu8.8" }, "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: race condition in systemd-coredump", " - debian/patches/CVE_2025_4598_1.patch: coredump: get rid of", " _META_MANDATORY_MAX.", " - debian/patches/CVE_2025_4598_2.patch: coredump: use %d in kernel core", " pattern.", " - debian/patches/CVE_2025_4598_3.patch: coredump: also stop forwarding", " non-dumpable processes.", " - debian/patches/CVE_2025_4598_4.patch: coredump: get rid of a bogus", " assertion.", " - CVE-2025-4598", " * this update does not include the changes from 255.4-1ubuntu8.7 as included in noble-proposed", "" ], "package": "systemd", "version": "255.4-1ubuntu8.8", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Octavio Galland ", "date": "Wed, 04 Jun 2025 09:24:15 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "systemd-timesyncd", "from_version": { "source_package_name": "systemd", "source_package_version": "255.4-1ubuntu8.6", "version": "255.4-1ubuntu8.6" }, "to_version": { "source_package_name": "systemd", "source_package_version": "255.4-1ubuntu8.8", "version": "255.4-1ubuntu8.8" }, "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: race condition in systemd-coredump", " - debian/patches/CVE_2025_4598_1.patch: coredump: get rid of", " _META_MANDATORY_MAX.", " - debian/patches/CVE_2025_4598_2.patch: coredump: use %d in kernel core", " pattern.", " - debian/patches/CVE_2025_4598_3.patch: coredump: also stop forwarding", " non-dumpable processes.", " - debian/patches/CVE_2025_4598_4.patch: coredump: get rid of a bogus", " assertion.", " - CVE-2025-4598", " * this update does not include the changes from 255.4-1ubuntu8.7 as included in noble-proposed", "" ], "package": "systemd", "version": "255.4-1ubuntu8.8", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Octavio Galland ", "date": "Wed, 04 Jun 2025 09:24:15 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "udev", "from_version": { "source_package_name": "systemd", "source_package_version": "255.4-1ubuntu8.6", "version": "255.4-1ubuntu8.6" }, "to_version": { "source_package_name": "systemd", "source_package_version": "255.4-1ubuntu8.8", "version": "255.4-1ubuntu8.8" }, "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "launchpad_bugs_fixed": [], "changes": [ { "cves": [ { "cve": "CVE-2025-4598", "url": "https://ubuntu.com/security/CVE-2025-4598", "cve_description": "A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process. A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.", "cve_priority": "medium", "cve_public_date": "2025-05-30 14:15:00 UTC" } ], "log": [ "", " * SECURITY UPDATE: race condition in systemd-coredump", " - debian/patches/CVE_2025_4598_1.patch: coredump: get rid of", " _META_MANDATORY_MAX.", " - debian/patches/CVE_2025_4598_2.patch: coredump: use %d in kernel core", " pattern.", " - debian/patches/CVE_2025_4598_3.patch: coredump: also stop forwarding", " non-dumpable processes.", " - debian/patches/CVE_2025_4598_4.patch: coredump: get rid of a bogus", " assertion.", " - CVE-2025-4598", " * this update does not include the changes from 255.4-1ubuntu8.7 as included in noble-proposed", "" ], "package": "systemd", "version": "255.4-1ubuntu8.8", "urgency": "medium", "distributions": "noble-security", "launchpad_bugs_fixed": [], "author": "Octavio Galland ", "date": "Wed, 04 Jun 2025 09:24:15 -0300" } ], "notes": null, "is_version_downgrade": false }, { "name": "update-notifier-common", "from_version": { "source_package_name": "update-notifier", "source_package_version": "3.192.68.1", "version": "3.192.68.1" }, "to_version": { "source_package_name": "update-notifier", "source_package_version": "3.192.68.2", "version": "3.192.68.2" }, "cves": [], "launchpad_bugs_fixed": [ 2103445 ], "changes": [ { "cves": [], "log": [ "", " * update-notifier: Do not call GdkX11 functions on Wayland (LP: #2103445)", "" ], "package": "update-notifier", "version": "3.192.68.2", "urgency": "medium", "distributions": "noble", "launchpad_bugs_fixed": [ 2103445 ], "author": "Alessandro Astone ", "date": "Wed, 02 Apr 2025 11:15:39 +0200" } ], "notes": null, "is_version_downgrade": false } ], "snap": [] }, "added": { "deb": [], "snap": [] }, "removed": { "deb": [], "snap": [] }, "notes": "Changelog diff for Ubuntu 24.04 noble image from daily image serial 20250605 to 20250610", "from_series": "noble", "to_series": "noble", "from_serial": "20250605", "to_serial": "20250610", "from_manifest_filename": "daily_manifest.previous", "to_manifest_filename": "manifest.current" }