Cybersecurity researchers have identified two critical privilege escalation vulnerabilities in major Linux distributions, potentially allowing attackers to gain root access. Patches and temporary workarounds are recommended to mitigate these risks. #CVE20256018 #CVE20256019 #LinuxPrivilegeEscalation
Keypoints
- Two local privilege escalation flaws have been discovered in Linux distributions by Qualys.
- CVE-2025-6018 affects SUSE Linux, enabling escalation to "allow_active" permissions via PAM.
- CVE-2025-6019 impacts libblockdev through the udisks daemon, allowing full root access.
- Attackers can chain these vulnerabilities to perform system-wide takeovers from a user session.
- Applying vendor patches or modifying Polkit rules can help mitigate the vulnerabilities.
Read More: https://thehackernews.com/2025/06/new-linux-flaws-enable-full-root-access.html