Please consider backporting coredump %F patch to stable kernels

Dear stable maintainer(s),

The following series was merged for 6.16:

https://lore.kernel.org/all/20250414-work-coredump-v2-0-685bf231f828@xxxxxxxxxx/

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c57f07b235871c9e5bffaccd458dca2d9a62b164
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=95c5f43181fe9c1b5e5a4bd3281c857a5259991f
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=b5325b2a270fcaf7b2a9a0f23d422ca8a5a8bdea

This allows the userspace coredump handler to get a PIDFD referencing
the crashed process.

We have discovered that there are real world exploits that can be used
to trick coredump handling userspace software to act on foreign
processes due to PID reuse attacks:

https://security-tracker.debian.org/tracker/CVE-2025-4598

We have fixed the worst case scenario, but to really and
comprehensively fix the whole problem we need this new %F option. We
have backported the userspace side to the systemd stable branch. Would
it be possible to backport the above 3 patches to at least the 6.12
series, so that the next Debian stable can be fully covered? The first
two are small bug fixes so it would be good to have them, and the
third one is quite small and unless explicitly configured in the
core_pattern, it will be inert, so risk should be low.

Thanks!
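
As an added illustration (not part of the original message, and not systemd's or the kernel's code): a minimal core_pattern pipe helper that identifies the crashed process from the pidfd passed via %F and fails closed when that disagrees with the PID. The helper path, the `%F %p` argument order and the use of `/proc/self/fdinfo` to read the pidfd's PID are assumptions of this example.

```c
/* Added example: core_pattern helper that trusts the %F pidfd over the %p PID.
 * Assumed pattern (helper path is hypothetical): |/usr/local/sbin/core-helper %F %p */
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Strictly parse the decimal fd number substituted for %F; -1 on junk. */
int parse_fd_arg(const char *s)
{
    char *end = NULL;
    long v = (s && *s >= '0' && *s <= '9') ? strtol(s, &end, 10) : -1;
    return (v >= 0 && v <= INT_MAX && *end == '\0') ? (int)v : -1;
}

/* Return the "Pid:" field of pidfd fdinfo text, or -1 if there is none.
 * Matches at line start only, so "NSpid:" is never mistaken for it. */
long pid_from_fdinfo(const char *text)
{
    while (text && *text) {
        if (strncmp(text, "Pid:", 4) == 0)
            return strtol(text + 4, NULL, 10);
        text = strchr(text, '\n');
        if (text)
            text++;
    }
    return -1;
}

/* Read /proc/self/fdinfo/<fd>: the PID the inherited pidfd is bound to. */
long pid_of_pidfd(int fd)
{
    char path[64], buf[1024];
    size_t n;
    FILE *f;
    snprintf(path, sizeof(path), "/proc/self/fdinfo/%d", fd);
    if (!(f = fopen(path, "r")))
        return -1;
    n = fread(buf, 1, sizeof(buf) - 1, f);
    fclose(f);
    buf[n] = '\0';
    return pid_from_fdinfo(buf);
}

int main(int argc, char **argv)
{
    long pid = argc > 2 ? pid_of_pidfd(parse_fd_arg(argv[1])) : -1;
    /* pid <= 0: no usable pidfd; fail closed instead of trusting %p alone. */
    return (pid > 0 && pid == strtol(argv[2], NULL, 10)) ? 0 : 1;
}
```

A pidfd whose process has already been reaped reports `Pid: -1` in fdinfo, so the helper rejects it rather than looking up whatever process now holds that PID.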