2353313 – (CVE-2025-2515) CVE-2025-2515 bluechi: Privilege Escalation in BlueChi via Unrestricted Cross-Node Systemd Dependencies

Bug 2353313 (CVE-2025-2515) - CVE-2025-2515 bluechi: Privilege Escalation in BlueChi via Unrestricted Cross-Node Systemd Dependencies

Summary: CVE-2025-2515 bluechi: Privilege Escalation in BlueChi via Unrestricted Cross...

Keywords:
Status:	NEW
Alias:	CVE-2025-2515
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Assignee:	Product Security DevOps Team
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2025-03-19 07:43 UTC by OSIDB Bzimport
Modified:	2025-10-23 12:41 UTC (History)
CC List:	1 user (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:

Attachments	(Terms of Use)

Description OSIDB Bzimport 2025-03-19 07:43:11 UTC

A privilege escalation vulnerability exists in BlueChi, a multi-node systemd service controller used in RHIVOS, due to improper enforcement of systemd service dependencies across nodes. A user with root privileges on the qm node can create or override systemd service unit files that influence host system services, potentially leading to unauthorized privilege escalation.

Note You need to log in before you can comment on or make changes to this bug.