[ASA-202506-10] libblockdev: privilege escalation
Arch Linux Security Advisory ASA-202506-10
==========================================

Severity: High
Date    : 2025-06-22
CVE-ID  : CVE-2025-6019
Package : libblockdev
Type    : privilege escalation
Remote  : No
Link    : https://security.archlinux.org/AVG-2905

Summary
=======

The package libblockdev before version 3.3.1-1 is vulnerable to privilege escalation.

Resolution
==========

Upgrade to 3.3.1-1.

# pacman -Syu "libblockdev>=3.3.1-1"

The problem has been fixed upstream in version 3.3.1.

Workaround
==========

None.

Description
===========

A Local Privilege Escalation (LPE) vulnerability was found in libblockdev. Generally, the "allow_active" setting in Polkit permits a physically present user to take certain actions based on the session type. Due to the way libblockdev interacts with the udisks daemon, an "allow_active" user on a system may be able to escalate to full root privileges on the target host.

Normally, udisks mounts user-provided filesystem images with security flags like nosuid and nodev to prevent privilege escalation. However, a local attacker can create a specially crafted XFS image containing a SUID-root shell, then trick udisks into resizing it. This mounts their malicious filesystem with root privileges, allowing them to execute their SUID-root shell and gain complete control of the system.

Impact
======

A local attacker with active Polkit session privileges can exploit libblockdev's interaction with udisks to escalate to full root access.

References
==========

https://nvd.nist.gov/vuln/detail/CVE-2025-6019
https://blog.qualys.com/vulnerabilities-threat-research/2025/06/17/qualys-tru-uncovers-chained-lpe-suse-15-pam-to-full-root-via-libblockdev-udisks
https://security.archlinux.org/CVE-2025-6019
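As an added example (not part of the advisory), a POSIX sh check that decides whether an installed libblockdev package version is still below the fixed version 3.3.1-1 given in the Resolution section. The version comparison is reimplemented here so it runs without pacman or vercmp; the `check_installed` helper is an assumption about how one would wire it to `pacman -Q` on a real Arch host, and pkgver components are assumed to be numeric.

```shell
#!/bin/sh
# Fixed package version from ASA-202506-10 (pkgver-pkgrel).
FIXED_VERSION="3.3.1-1"

# cmp_dotted A B: compare dotted numeric strings component by component;
# prints -1, 0 or 1. Missing trailing components count as 0.
cmp_dotted() {
    a="$1"; b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        x="${a%%.*}"; y="${b%%.*}"
        [ "$a" = "$x" ] && a="" || a="${a#*.}"
        [ "$b" = "$y" ] && b="" || b="${b#*.}"
        x="${x:-0}"; y="${y:-0}"
        if [ "$x" -lt "$y" ]; then printf '%s\n' -1; return; fi
        if [ "$x" -gt "$y" ]; then printf '%s\n' 1; return; fi
    done
    printf '%s\n' 0
}

# pkgrel_of VERSION: the part after the last '-', or 0 when there is none.
pkgrel_of() {
    case "$1" in *-*) printf '%s\n' "${1##*-}" ;; *) printf '%s\n' 0 ;; esac
}

# cmp_pkgver A B: compare Arch "pkgver-pkgrel" strings; pkgver first, then pkgrel.
cmp_pkgver() {
    r=$(cmp_dotted "${1%-*}" "${2%-*}")
    if [ "$r" != 0 ]; then printf '%s\n' "$r"; return; fi
    cmp_dotted "$(pkgrel_of "$1")" "$(pkgrel_of "$2")"
}

# libblockdev_vulnerable VERSION: exit 0 when VERSION is older than the fix.
libblockdev_vulnerable() {
    [ "$(cmp_pkgver "$1" "$FIXED_VERSION")" = -1 ]
}

# check_installed: assumed wiring to pacman on a real Arch host (not used offline).
check_installed() {
    v=$(pacman -Q libblockdev 2>/dev/null | awk '{print $2}') || return 2
    [ -n "$v" ] || { echo "libblockdev is not installed"; return 2; }
    if libblockdev_vulnerable "$v"; then
        echo "libblockdev $v is affected by CVE-2025-6019; upgrade to >= $FIXED_VERSION"
        return 1
    fi
    echo "libblockdev $v is not affected by CVE-2025-6019"
}
```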