PT-2025-25766 · Unknown · Libblockdev
Jakub Wilk · Published 2025-05-14 · Updated 2026-05-16
CVE-2025-6019
CVSS v3.1: 7.0 (High)
| Vector | AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
libblockdev versions prior to 2.23-2ubuntu3+esm1
libblockdev versions prior to 3.1.1-2ubuntu0.1
libblockdev (affected versions not specified)
Description
A Local Privilege Escalation (LPE) issue exists in libblockdev due to how it interacts with the udisks daemon. The "allow active" setting in Polkit lets physically present users perform specific actions based on their session type. udisks normally mounts user-provided filesystem images with security flags such as nosuid and nodev to prevent privilege escalation, but a local attacker can bypass these protections: by creating a specially crafted XFS image containing a SUID-root shell and tricking udisks into resizing it, the attacker gets the malicious filesystem mounted with root privileges. The attacker can then execute the SUID-root shell and gain complete control of the target host.
Recommendations
Update to version 2.23-2ubuntu3+esm1.
Update to version 3.1.1-2ubuntu0.1.
Upgrade libblockdev packages to the latest available version.
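As an added check (my own code, not part of this advisory or of the libblockdev project), the following reimplements dpkg's version ordering so the fixed Ubuntu versions listed above can be compared against an installed package version, such as the string printed by `dpkg-query -W -f '${Version}' <package>`. The function names are assumptions; the fixed-version strings are the ones this page lists, and a version whose upstream release the advisory does not name yields None rather than a guess.

```python
import re
# Fixed package versions as listed in the advisory.
FIXED_VERSIONS = ["2.23-2ubuntu3+esm1", "3.1.1-2ubuntu0.1"]

def _order(c: str) -> int:
    """dpkg's character weight: '~' < end of string < letters < other symbols."""
    if not c or c.isdigit():
        return 0
    if c.isalpha():
        return ord(c)
    return -1 if c == "~" else ord(c) + 256

def _verrevcmp(a: str, b: str) -> int:
    """Compare two version fragments the way dpkg's verrevcmp() does."""
    i = j = 0
    while i < len(a) or j < len(b):
        # Non-digit runs compare character by character by weight; an
        # exhausted side counts as end of string (weight 0).
        while (i < len(a) and not a[i].isdigit()) or (j < len(b) and not b[j].isdigit()):
            diff = _order(a[i:i + 1]) - _order(b[j:j + 1])
            if diff:
                return diff
            i, j = i + 1, j + 1
        # Digit runs compare numerically (leading zeros are insignificant).
        da = re.match(r"\d*", a[i:]).group()
        db = re.match(r"\d*", b[j:]).group()
        i, j = i + len(da), j + len(db)
        if int(da or 0) != int(db or 0):
            return int(da or 0) - int(db or 0)
    return 0

def _split(v: str):
    """Parse 'epoch:upstream-revision' as dpkg does (last '-' starts the revision)."""
    m = re.fullmatch(r"(?:(\d+):)?(.*?)(?:-([^-]*))?", v)
    return int(m.group(1) or 0), m.group(2), m.group(3) or ""

def compare_versions(a: str, b: str) -> int:
    """Negative, zero or positive, in the order `dpkg --compare-versions` uses."""
    ea, ua, ra = _split(a)
    eb, ub, rb = _split(b)
    return (ea - eb) or _verrevcmp(ua, ub) or _verrevcmp(ra, rb)

def is_fixed(installed: str):
    """True if installed >= the fix for its upstream release, False if older, None if no fix is listed."""
    _, upstream, _ = _split(installed)
    for fixed in FIXED_VERSIONS:
        if _split(fixed)[1] == upstream:
            return compare_versions(installed, fixed) >= 0
    return None
```

Note that "+esm1" sorts after the plain revision and "~" sorts before it, so a pre-release build of the fixed version is still reported as vulnerable.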
Tags: Fix · LPE
Related Identifiers
Affected Products
Alt Linux
Almalinux
Astra Linux
Centos
Linuxmint
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu
Libblockdev