New Linux Flaws Enable Full Root Access via PAM and Udisks Across Major Distributions

Cybersecurity researchers have uncovered two local privilege escalation (LPE) flaws that could be exploited to gain root privileges on machines running major Linux distributions. The vulnerabilities, discovered by Qualys, are listed below - CVE-2025-6018 - LPE from unprivileged to allow_active in SUSE 15's Pluggable Authentication Modules (PAM) CVE-2025-6019 - LPE from allow_active to root in

  Hacker News   Jun 19, 2025   0   19  Add to Reading List
New Linux Flaws Enable Full Root Access via PAM and Udisks Across Major Distributions
Cybersecurity researchers have uncovered two local privilege escalation (LPE) flaws that could be exploited to gain root privileges on machines running major Linux distributions. The vulnerabilities, discovered by Qualys, are listed below - CVE-2025-6018 - LPE from unprivileged to allow_active in SUSE 15's Pluggable Authentication Modules (PAM) CVE-2025-6019 - LPE from allow_active to root in
Read More   

What's Your Reaction?

like

dislike

love

funny

angry

sad

wow