New Linux Flaws Enable Full Root Access via PAM and Udisks Across Major Distributions
Jun 19, 2025
Linux / Vulnerability
Cybersecurity researchers have uncovered two local privilege escalation (LPE) flaws that could be exploited to gain root privileges on machines running major Linux distributions. The vulnerabilities, discovered by Qualys, are listed below -

- CVE-2025-6018 - LPE from unprivileged to allow_active in SUSE 15's Pluggable Authentication Modules (PAM)
- CVE-2025-6019 - LPE from allow_active to root in libblockdev via the udisks daemon

"These modern 'local-to-root' exploits have collapsed the gap between an ordinary logged-in user and a full system takeover," Saeed Abbasi, Senior Manager at Qualys Threat Research Unit (TRU), said.

"By chaining legitimate services such as udisks loop-mounts and PAM/environment quirks, attackers who own any active GUI or SSH session can vault across polkit's allow_active trust zone and emerge as root in seconds."

The cybersecurity company said CVE-2025-6018 is present in the PAM configuration of openSUSE Leap ...
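The allow_active zone Abbasi refers to is a polkit concept: udisks ships policy files whose actions (loop-device setup among them) default to "yes" for any subject in an active local session, so no password is asked. The following is an added example, written for this page and not taken from the article, Qualys, udisks or polkit: a polkit rules-file fragment that takes the udisks2 loop-setup and modify-device actions out of that zone and requires admin authentication instead, wrapped in a small constructed stand-in for the polkit JavaScript API so the rule's logic can be checked offline. The action IDs are assumed from the udisks2 policy file and should be verified against /usr/share/polkit-1/actions/ on the host before deploying; the harness object, the rule-file path in the comment and the decide() helper are illustrative names.

```javascript
// Added example (not from the article or the udisks/polkit projects).
// Everything above the marker is a constructed stand-in for the global
// `polkit` object that polkitd provides to real rules files; only the
// polkit.addRule(...) call would go into the rules file itself, e.g.
// /etc/polkit-1/rules.d/10-udisks-hardening.rules (path is an assumption).

// --- constructed harness: mimics the parts of the polkit rules API used below ---
var polkit = {
  Result: { YES: "yes", NO: "no", AUTH_ADMIN: "auth_admin" },
  _rules: [],
  addRule: function (fn) { this._rules.push(fn); },
  // polkitd semantics: rules run in order, first one returning a value wins;
  // a rule that returns undefined leaves the decision to later rules or the
  // .policy file defaults (where udisks actions sit in allow_active).
  evaluate: function (action, subject) {
    for (var i = 0; i < this._rules.length; i++) {
      var res = this._rules[i](action, subject);
      if (res !== undefined) return res;
    }
    return undefined;
  }
};

// --- marker: the rule below is the actual rules-file content ---

// Action IDs assumed from org.freedesktop.UDisks2.policy; verify on the host.
var HARDENED_ACTIONS = [
  "org.freedesktop.udisks2.loop-setup",
  "org.freedesktop.udisks2.modify-device"
];

polkit.addRule(function (action, subject) {
  if (HARDENED_ACTIONS.indexOf(action.id) < 0) {
    return undefined; // not ours: let other rules and policy defaults decide
  }
  if (subject.user === "root") {
    return polkit.Result.YES;
  }
  // An active local session is exactly what the article says an attacker
  // already holds, so it must not be enough on its own: ask for admin auth
  // regardless of subject.active / subject.local.
  return polkit.Result.AUTH_ADMIN;
});

// Helper for testing the rule offline; subjects are constructed inputs.
function decide(actionId, user, active) {
  return polkit.evaluate({ id: actionId }, { user: user, active: active, local: active });
}
```

The trade-off is usability: with this rule in place, any loop-device or device-modification request through udisks from a desktop session prompts for an administrator password. On a live host the effective decision for the current process can be inspected with `pkcheck --action-id org.freedesktop.udisks2.loop-setup --process $$`, which exits non-zero (and prints the required authorization) once the action is no longer granted to allow_active subjects.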