{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-03T04:02:55.848","vulnerabilities":[{"cve":{"id":"CVE-2025-6019","sourceIdentifier":"secalert@redhat.com","published":"2025-06-19T12:15:19.727","lastModified":"2026-04-15T00:35:42.020","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"A Local Privilege Escalation (LPE) vulnerability was found in libblockdev. Generally, the \"allow_active\" setting in Polkit permits a physically present user to take certain actions based on the session type. Due to the way libblockdev interacts with the udisks daemon, an \"allow_active\" user on a system may be able escalate to full root privileges on the target host. Normally, udisks mounts user-provided filesystem images with security flags like nosuid and nodev to prevent privilege escalation.  However, a local attacker can create a specially crafted XFS image containing a SUID-root shell, then trick udisks into resizing it. This mounts their malicious filesystem with root privileges, allowing them to execute their SUID-root shell and gain complete control of the system."},{"lang":"es","value":"Se encontró una vulnerabilidad de Escalada de Privilegios Locales (LPE) en libblockdev. Generalmente, la configuración \"allow_active\" de Polkit permite a un usuario físicamente presente realizar ciertas acciones según el tipo de sesión. Debido a la forma en que libblockdev interactúa con el daemon udisks, un usuario \"allow_active\" en un sistema puede escalar a privilegios de root completos en el host objetivo. Normalmente, udisks monta imágenes del sistema de archivos proporcionadas por el usuario con indicadores de seguridad como nosuid y nodev para evitar la escalada de privilegios. Sin embargo, un atacante local puede crear una imagen XFS especialmente manipulada que contenga un shell SUID-root y luego engañar a udisks para que la redimensione. Esto monta su sistema de archivos malicioso con privilegios de root, lo que le permite ejecutar su shell SUID-root y obtener el control total del sistema."}],"metrics":{"cvssMetricV31":[{"source":"secalert@redhat.com","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.0,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.0,"impactScore":5.9}]},"weaknesses":[{"source":"secalert@redhat.com","type":"Secondary","description":[{"lang":"en","value":"CWE-250"}]}],"references":[{"url":"https://access.redhat.com/errata/RHSA-2025:10796","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:9320","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:9321","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:9322","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:9323","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:9324","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:9325","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:9326","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:9327","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:9328","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/errata/RHSA-2025:9878","source":"secalert@redhat.com"},{"url":"https://access.redhat.com/security/cve/CVE-2025-6019","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=2370051","source":"secalert@redhat.com"},{"url":"https://cdn2.qualys.com/2025/06/17/suse15-pam-udisks-lpe.txt","source":"secalert@redhat.com"},{"url":"http://www.openwall.com/lists/oss-security/2025/06/17/5","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.openwall.com/lists/oss-security/2025/06/17/6","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.openwall.com/lists/oss-security/2025/06/18/1","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://lists.debian.org/debian-lts-announce/2025/06/msg00018.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://news.ycombinator.com/item?id=44325861","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://www.bleepingcomputer.com/news/linux/new-linux-udisks-flaw-lets-attackers-get-root-on-major-linux-distros/","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}