VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-86qy-wkqz-5qam

Essentials
Severities (29)
References (27)
Severity details (21)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-86qy-wkqz-5qam
Aliases	CVE-2025-4598
Summary	systemd-coredump: race condition that allows a local attacker to crash a SUID program and gain read access to the resulting core dump
Status	Published
Exploitability	0.5
Weighted Severity	6.2
Risk	3.1
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-364

Signal Handler Race Condition

System	Score	Found at
cvssv3.1	4.7	https://access.redhat.com/errata/RHSA-2025:22660
ssvc	Track	https://access.redhat.com/errata/RHSA-2025:22660
cvssv3.1	4.7	https://access.redhat.com/errata/RHSA-2025:22868
ssvc	Track	https://access.redhat.com/errata/RHSA-2025:22868
cvssv3.1	4.7	https://access.redhat.com/errata/RHSA-2025:23227
ssvc	Track	https://access.redhat.com/errata/RHSA-2025:23227
cvssv3.1	4.7	https://access.redhat.com/errata/RHSA-2025:23234
ssvc	Track	https://access.redhat.com/errata/RHSA-2025:23234
cvssv3.1	4.7	https://access.redhat.com/errata/RHSA-2026:0414
ssvc	Track	https://access.redhat.com/errata/RHSA-2026:0414
cvssv3.1	4.7	https://access.redhat.com/errata/RHSA-2026:1652
ssvc	Track	https://access.redhat.com/errata/RHSA-2026:1652
cvssv3	4.7	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4598.json
cvssv3.1	4.7	https://access.redhat.com/security/cve/CVE-2025-4598
ssvc	Track	https://access.redhat.com/security/cve/CVE-2025-4598
epss	0.001	https://api.first.org/data/v1/epss?cve=CVE-2025-4598
epss	0.001	https://api.first.org/data/v1/epss?cve=CVE-2025-4598
epss	0.001	https://api.first.org/data/v1/epss?cve=CVE-2025-4598
epss	0.001	https://api.first.org/data/v1/epss?cve=CVE-2025-4598
epss	0.001	https://api.first.org/data/v1/epss?cve=CVE-2025-4598
epss	0.001	https://api.first.org/data/v1/epss?cve=CVE-2025-4598
epss	0.001	https://api.first.org/data/v1/epss?cve=CVE-2025-4598
epss	0.001	https://api.first.org/data/v1/epss?cve=CVE-2025-4598
cvssv3.1	4.7	https://bugzilla.redhat.com/show_bug.cgi?id=2369242
ssvc	Track	https://bugzilla.redhat.com/show_bug.cgi?id=2369242
cvssv3.1	4.7	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
archlinux	Medium	https://security.archlinux.org/AVG-2893
cvssv3.1	4.7	https://www.openwall.com/lists/oss-security/2025/05/29/3
ssvc	Track	https://www.openwall.com/lists/oss-security/2025/05/29/3

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4598.json
		https://api.first.org/data/v1/epss?cve=CVE-2025-4598
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-4598
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
1106785		https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1106785
2369242		https://bugzilla.redhat.com/show_bug.cgi?id=2369242
3		https://www.openwall.com/lists/oss-security/2025/05/29/3
AVG-2893		https://security.archlinux.org/AVG-2893
cpe:/a:redhat:ceph_storage:7::el9		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:7::el9
cpe:/a:redhat:ceph_storage:8::el9		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:ceph_storage:8::el9
cpe:/a:redhat:discovery:2::el9		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:discovery:2::el9
cpe:/a:redhat:enterprise_linux:9::appstream		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:enterprise_linux:9::appstream
cpe:/a:redhat:insights_proxy:1.5::el9		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:insights_proxy:1.5::el9
cpe:/a:redhat:openshift:4		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:4
cpe:/o:redhat:enterprise_linux:10		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:10
cpe:/o:redhat:enterprise_linux:7		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
cpe:/o:redhat:enterprise_linux:8		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8
cpe:/o:redhat:enterprise_linux:9		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9
cpe:/o:redhat:enterprise_linux:9::baseos		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::baseos
CVE-2025-4598		https://access.redhat.com/security/cve/CVE-2025-4598
RHSA-2025:22660		https://access.redhat.com/errata/RHSA-2025:22660
RHSA-2025:22868		https://access.redhat.com/errata/RHSA-2025:22868
RHSA-2025:23227		https://access.redhat.com/errata/RHSA-2025:23227
RHSA-2025:23234		https://access.redhat.com/errata/RHSA-2025:23234
RHSA-2026:0414		https://access.redhat.com/errata/RHSA-2026:0414
RHSA-2026:1652		https://access.redhat.com/errata/RHSA-2026:1652
USN-7559-1		https://usn.ubuntu.com/7559-1/

No exploits are available.

Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2025:22660

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T13:43:28Z/ Found at https://access.redhat.com/errata/RHSA-2025:22660

Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2025:22868

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T13:43:28Z/ Found at https://access.redhat.com/errata/RHSA-2025:22868

Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2025:23227

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T13:43:28Z/ Found at https://access.redhat.com/errata/RHSA-2025:23227

Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2025:23234

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T13:43:28Z/ Found at https://access.redhat.com/errata/RHSA-2025:23234

Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2026:0414

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T13:43:28Z/ Found at https://access.redhat.com/errata/RHSA-2026:0414

Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/errata/RHSA-2026:1652

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T13:43:28Z/ Found at https://access.redhat.com/errata/RHSA-2026:1652

Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4598.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://access.redhat.com/security/cve/CVE-2025-4598

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T13:43:28Z/ Found at https://access.redhat.com/security/cve/CVE-2025-4598

Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://bugzilla.redhat.com/show_bug.cgi?id=2369242

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T13:43:28Z/ Found at https://bugzilla.redhat.com/show_bug.cgi?id=2369242

Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N Found at https://www.openwall.com/lists/oss-security/2025/05/29/3

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:P/A:N/T:P/P:M/B:A/M:M/D:T/2025-05-30T13:43:28Z/ Found at https://www.openwall.com/lists/oss-security/2025/05/29/3

Exploit Prediction Scoring System (EPSS)

Percentile	0.27749
EPSS Score	0.001
Published At	April 2, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T13:39:41.928945+00:00	RedHat Importer	Import	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-4598.json	38.0.0