From dd0b55cc45f9ccd64d0075ba37ab6a4723d94a02 Mon Sep 17 00:00:00 2001
From: raja-grewal <rg_public@proton.me>
Date: Tue, 3 Jun 2025 12:32:17 +1000
Subject: [PATCH] Add reference

---
 usr/lib/sysctl.d/990-security-misc.conf | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/usr/lib/sysctl.d/990-security-misc.conf b/usr/lib/sysctl.d/990-security-misc.conf
index 3b2e38c..9d4f3eb 100644
--- a/usr/lib/sysctl.d/990-security-misc.conf
+++ b/usr/lib/sysctl.d/990-security-misc.conf
@@ -360,6 +360,8 @@ kernel.core_pattern=|/bin/false
 ## Prevent setuid processes or otherwise protected/tainted binaries from creating core dumps.
 ## Any process which has changed privilege levels or is execute-only will not be dumped.
 ##
+## https://blog.qualys.com/vulnerabilities-threat-research/2025/05/29/qualys-tru-discovers-two-local-information-disclosure-vulnerabilities-in-apport-and-systemd-coredump-cve-2025-5054-and-cve-2025-4598
+##
 ## KSPP=yes
 ## KSPP sets the sysctl.
 ##