Intentionally Crashing Apps on Linux Could Expose Password Hashes

Security researchers have identified two security flaws in Linux that could have let attackers gain access to sensitive data like password hashes simply by forcing programs to crash.

Security experts from Qualys have found two vulnerabilities that directly impacted how Linux handles crash reports. The crash reports, or ‘core dumps,’ have a clear purpose: to record the state of an application when it crashes. This is an important tool for users trying to determine why an application has crashed.