CVE-2025-15480

Senstive information disclosure was affecting ubuntu-desktop-provision

Description

In Ubuntu, ubuntu-desktop-provision version 24.04.4 could leak sensitive user credentials during crash reporting. Upon installation failure, if a user submitted a bug report to Launchpad, ubuntu-desktop-provision could include the user's password hash in the attached logs.

INFO

Published Date :

2026-04-09T15:02:14.066Z

Last Modified :

2026-04-10T13:57:17.350Z

Source :

canonical

AFFECTED PRODUCTS

The following products are affected by CVE-2025-15480 vulnerability.

Vendors	Products
Canonical	Ubuntu

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-15480.

URL	Resource
https://github.com/canonical/ubuntu-desktop-provision/pull/1399
https://github.com/canonical/ubuntu-desktop-provision/pull/1400

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.

Attack Vector

Attack Complexity

Attack Requirements

Privileges Required

User Interaction

VS Confidentiality

VS Integrity

VS Availability

SS Confidentiality

SS Integrity

SS Availability