{"uuid": "00f9aab8-8b0e-45d1-b30f-317800ac1149", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-6019", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19140", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-6019\n\ud83d\udd25 CVSS Score: 7 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: A Local Privilege Escalation (LPE) vulnerability was found in libblockdev. Generally, the \"allow_active\" setting in Polkit permits a physically present user to take certain actions based on the session type. Due to the way libblockdev interacts with the udisks daemon, an \"allow_active\" user on a system may be able to escalate to full root privileges on the target host. Normally, udisks mounts user-provided filesystem images with security flags like nosuid and nodev to prevent privilege escalation. However, a local attacker can create a specially crafted XFS image containing a SUID-root shell, then trick udisks into resizing it. This mounts their malicious filesystem with root privileges, allowing them to execute their SUID-root shell and gain complete control of the system.\n\ud83d\udccf Published: 2025-06-19T11:55:57.380Z\n\ud83d\udccf Modified: 2025-06-21T22:58:36.379Z\n\ud83d\udd17 References:\n1. https://access.redhat.com/security/cve/CVE-2025-6019\n2. https://bugzilla.redhat.com/show_bug.cgi?id=2370051\n3. https://cdn2.qualys.com/2025/06/17/suse15-pam-udisks-lpe.txt", "creation_timestamp": "2025-06-21T23:43:49.000000Z"}