Critical Linux Vulnerabilities Grant Root Access: Urgent Security Alert!

2025-06-19

Author: Ken Lee

Uncovering Major Linux Security Flaws!

In a shocking revelation, cybersecurity experts have identified two serious local privilege escalation (LPE) vulnerabilities that threaten users across popular Linux distributions. These flaws could enable malicious actors to gain full root access to systems that millions rely on daily.

The Dangerous Details of the Vulnerabilities

Discovered by the cybersecurity firm Qualys, the vulnerabilities are categorized as follows:

- **CVE-2025-6018**: This vulnerability allows an unprivileged user to escalate their privileges to 'allow_active' in SUSE 15's Pluggable Authentication Modules (PAM).
- **CVE-2025-6019**: This flaw facilitates elevation from 'allow_active' to root privileges using libblockdev via the udisks daemon.

According to Saeed Abbasi, Senior Manager at Qualys Threat Research Unit, these vulnerabilities effectively eliminate the barriers between a standard user and a complete system takeover. "Attackers with access to any active GUI or SSH session can easily bypass security protocols and achieve root status within moments!"

Widespread Vulnerability Across Distributions

CVE-2025-6018 specifically exists in the PAM configuration of openSUSE Leap 15 and SUSE Linux Enterprise 15, making it possible for local attackers to elevate their privileges by manipulating Polkit actions reserved for physically present users. By contrast, CVE-2025-6019 affects libblockdev, which is part of the udisks daemon that comes pre-installed on nearly all Linux systems. This means that **almost every Linux distribution is potentially at risk!**

The Risks Are Real!

Once attackers obtain root permissions, they can unleash havoc by altering security settings, installing backdoors, or using the compromised system as a launching pad for even wider attacks!

Proof of Concept and Solutions

Qualys has created proof-of-concept exploits to demonstrate these vulnerabilities across systems like Ubuntu, Debian, Fedora, and openSUSE Leap 15. To mitigate the risks, it is crucial for users to immediately apply the security patches released by their respective Linux distribution vendors. As a temporary measure, users can adjust Polkit rules for "org.freedesktop.udisks2.modify-device" to mandate administrator authentication.
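For administrators who want to verify the temporary measure, here is an added example (not from Qualys or any distribution) that checks whether a Polkit policy file still grants "org.freedesktop.udisks2.modify-device" without administrator authentication. The two sample policies are constructed for illustration, and the function and variable names are assumptions.

```python
import xml.etree.ElementTree as ET

ACTION_ID = "org.freedesktop.udisks2.modify-device"
# Implicit authorizations that do not require an administrator to authenticate.
NON_ADMIN = {"yes", "auth_self", "auth_self_keep"}

# Constructed sample policy (not copied from any distribution's package).
WEAK_POLICY = """<policyconfig>
  <action id="org.freedesktop.udisks2.modify-device">
    <defaults>
      <allow_any>auth_admin</allow_any>
      <allow_inactive>auth_admin</allow_inactive>
      <allow_active>yes</allow_active>
    </defaults>
  </action>
</policyconfig>"""

# Same constructed policy with the active-session default tightened.
HARDENED_POLICY = WEAK_POLICY.replace(
    "<allow_active>yes<", "<allow_active>auth_admin<")


def audit_policy(xml_text, action_id=ACTION_ID):
    """Return [(element, value)] for defaults that skip admin authentication.

    Only the action's implicit defaults in the policy XML are inspected;
    overrides from local Polkit rules files are not evaluated here.
    """
    root = ET.fromstring(xml_text)
    for action in root.iter("action"):
        if action.get("id") == action_id:
            break
    else:
        raise LookupError(f"action {action_id!r} not found in policy")

    findings = []
    for tag in ("allow_any", "allow_inactive", "allow_active"):
        value = (action.findtext(f"defaults/{tag}") or "").strip()
        if value in NON_ADMIN:
            findings.append((tag, value))
    return findings


if __name__ == "__main__":
    for name, policy in (("weak", WEAK_POLICY), ("hardened", HARDENED_POLICY)):
        issues = audit_policy(policy)
        print(name, "->", issues if issues else "admin authentication required")
```

On a live system, pass in the contents of the udisks2 policy file, typically /usr/share/polkit-1/actions/org.freedesktop.UDisks2.policy. An empty result covers the shipped defaults only, so local rules still need a separate review.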

Additional Flaw Alert in Linux PAM

The situation worsens as maintainers of Linux PAM have recently patched another high-severity flaw (CVE-2025-6020) that could also allow privilege escalation. The fix is included in version 1.7.1. The vulnerability allows local users to exploit user-controlled paths via a series of symlink attacks, threatening to grant them root access.

Experts recommend disabling pam_namespace or ensuring it does not operate on user-controlled paths as immediate workarounds.

Take Action Now!

With these vulnerabilities exposing critical weaknesses, it's more important than ever for Linux users to stay informed and proactive about safeguarding their systems. Your digital security could depend on it!