Bug 2373307 - libblockdev allegedly exploitable via the udisks daemon included by default on most Linux distributions, and allows an “allow_active” user to gain full root privileges (CVE-2025-6019)
Summary: libblockdev allegedly exploitable via the udisks daemon included by default o...
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: libblockdev
Version: rawhide
Hardware: x86_64
OS: Linux
unspecified
high
Target Milestone: ---
Assignee: Vojtech Trefny
QA Contact: Fedora Extras Quality Assurance
URL: https://blog.qualys.com/vulnerabiliti...
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2025-06-18 07:35 UTC by Vojtech Trefny
Modified: 2025-06-21 02:12 UTC (History)
6 users (show)

Fixed In Version: libblockdev-3.3.1-1.fc43
Clone Of: 2373301
Environment:
Last Closed: 2025-06-18 10:58:44 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)

Description Vojtech Trefny 2025-06-18 07:35:08 UTC 
+++ This bug was initially created as a clone of Bug #2373301 +++

The Qualys team discovered [a] LPE vulnerability in libblockdev, trivially exploitable via the udisks daemon, which is installed by default on most Linux distributions: an "allow_active" user (e.g., a physical user, or an attacker who hijacked the session of a physical user) can obtain the full privileges of the root user [1].

[1] https://www.openwall.com/lists/oss-security/2025/06/17/4

Reproducible: Always

Actual Results:
LPE

Expected Results:
Disallow LPE.

Additional Information:
Proposed patches for both udisks and libblockdev [1].

[1] https://www.openwall.com/lists/oss-security/2025/06/17/5
Comment 1 Fedora Update System 2025-06-18 08:00:56 UTC 
FEDORA-2025-af7ba2696c (libblockdev-3.3.1-1.fc42) has been submitted as an update to Fedora 42.
https://bodhi.fedoraproject.org/updates/FEDORA-2025-af7ba2696c
Comment 2 Fedora Update System 2025-06-18 08:05:13 UTC 
FEDORA-2025-4f28b95d7e (libblockdev-3.2.2-1.fc41) has been submitted as an update to Fedora 41.
https://bodhi.fedoraproject.org/updates/FEDORA-2025-4f28b95d7e
Comment 3 Fedora Update System 2025-06-19 01:43:55 UTC 
FEDORA-2025-af7ba2696c has been pushed to the Fedora 42 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2025-af7ba2696c`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2025-af7ba2696c

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
Comment 4 Fedora Update System 2025-06-19 02:24:09 UTC 
FEDORA-2025-4f28b95d7e has been pushed to the Fedora 41 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2025-4f28b95d7e`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2025-4f28b95d7e

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
Comment 5 Fedora Update System 2025-06-21 01:27:32 UTC 
FEDORA-2025-af7ba2696c (libblockdev-3.3.1-1.fc42) has been pushed to the Fedora 42 stable repository.
If problem still persists, please make note of it in this bug report.
Comment 6 Fedora Update System 2025-06-21 02:12:31 UTC 
FEDORA-2025-4f28b95d7e (libblockdev-3.2.2-1.fc41) has been pushed to the Fedora 41 stable repository.
If problem still persists, please make note of it in this bug report.
Note You need to log in before you can comment on or make changes to this bug.