Critical: Local Privilege Escalation Vulnerabilities Found in Linux

2025-06-23

Two newly discovered local privilege escalation (LPE) vulnerabilities allow attackers to gain root privileges on systems running major Linux distributions. The first flaw (CVE-2025-6018) resides in the PAM framework configuration on openSUSE Leap 15 and SUSE Linux Enterprise 15, granting local attackers 'allow_active' user privileges. The second (CVE-2025-6019), found in libblockdev, allows an 'allow_active' user to gain root via the udisks daemon. Qualys TRU has developed proof-of-concept exploits, successfully achieving root on Ubuntu, Debian, Fedora, and openSUSE Leap 15. Immediate patching is crucial.