Cyber Web Spider Blog – News

Linux UDisks Daemon Vulnerability Lets Attackers Gain Access to Files Owned by Privileged Users

Posted on September 1, 2025 By CWS

A critical security vulnerability has been discovered in the Linux UDisks daemon that could allow unprivileged attackers to gain access to files owned by privileged users.

The flaw, identified as CVE-2025-8067, was publicly disclosed on August 28, 2025, and carries an Important severity rating with a CVSS v3 score of 8.5.

Key Takeaways
1. CVE-2025-8067 in the Linux UDisks daemon permits privilege escalation.
2. Impacts Red Hat Enterprise Linux 6-10, enabling local attackers to access privileged files easily.
3. No workarounds exist.

UDisks D-Bus Privilege Escalation Flaw

The vulnerability originates from improper input validation in the UDisks daemon’s loop device handler, which processes requests through the D-Bus interface.

The flaw occurs when the daemon handles two critical parameters: the file descriptor list and an index value that specifies the backing file for loop device creation.

While the daemon correctly validates the upper bound of the index parameter to prevent it from exceeding the maximum allowed value, it fails to validate the lower bound.

This oversight allows attackers to supply negative index values, leading to an out-of-bounds read condition classified as CWE-125.
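
The missing lower-bound check described above, as an added C example (not code from UDisks or from the original article): a signed index into a descriptor list is tested the flawed way and the corrected way. The `fd_list` struct, the function names and the sample values are assumptions made for illustration.

```c
/* Simplified model of the index check; hypothetical names, not the UDisks source. */
#include <stddef.h>
#include <stdio.h>

struct fd_list {            /* stand-in for the descriptors sent with a request */
    const int *fds;
    int        length;
};
/* Constructed sample data: three descriptor numbers. */
static const int sample_fds[] = { 7, 8, 9 };
static const struct fd_list sample = { sample_fds, 3 };

/* Check as the article describes the flaw: upper bound only.
 * Every negative index satisfies idx < length, so it is accepted. */
static int index_ok_upper_only(const struct fd_list *l, int idx)
{
    return idx < l->length;
}

/* Corrected check: the index must lie in [0, length). */
static int index_ok(const struct fd_list *l, int idx)
{
    return idx >= 0 && idx < l->length;
}

/* Returns 0 and stores the descriptor, or -1 without reading the array. */
static int fd_list_get_checked(const struct fd_list *l, int idx, int *out)
{
    if (l == NULL || l->fds == NULL || out == NULL || !index_ok(l, idx))
        return -1;
    *out = l->fds[idx];
    return 0;
}

/* Counts indices in [lo, hi] the flawed check accepts but the fix rejects. */
static int count_disagreements(const struct fd_list *l, int lo, int hi)
{
    int n = 0;
    for (int i = lo; i <= hi; i++)
        if (index_ok_upper_only(l, i) && !index_ok(l, i))
            n++;
    return n;
}

int main(void)
{
    int fd = -1, rc = fd_list_get_checked(&sample, 1, &fd);
    printf("idx -1: upper-only=%d both-bounds=%d\n", index_ok_upper_only(&sample, -1), index_ok(&sample, -1));
    printf("idx 1: rc=%d fd=%d\n", rc, fd);
    printf("flawed-only accepts in [-4,4]: %d\n", count_disagreements(&sample, -4, 4));
    return 0;
}
```

The two checks disagree only on negative indices, which is why testing with in-range and too-large values alone would not reveal the flaw.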

The vulnerability allows unprivileged users to create loop devices through the D-Bus system interface, potentially causing the UDisks daemon to crash or, more seriously, facilitating local privilege escalation.

Attackers can exploit this flaw to access sensitive files owned by privileged users, bypassing normal permission controls.

Security researcher Michael Imfeld (born0monday) discovered and reported this vulnerability to Red Hat.

| Risk Factors | Details |
| --- | --- |
| Affected Products | Red Hat Enterprise Linux 10 (udisks2); Red Hat Enterprise Linux 9 (udisks2); Red Hat Enterprise Linux 8 (udisks2); Red Hat Enterprise Linux 7 (udisks2); Red Hat Enterprise Linux 6 (udisks – Out of support) |
| Impact | Local privilege escalation |
| Exploit Prerequisites | Local access to target system; ability to send D-Bus requests; no user interaction required |
| CVSS 3.1 Score | 8.5 (Important) |

Affected Systems

Red Hat’s Product Security team has classified this vulnerability as Important due to its low exploitation complexity and significant privilege escalation potential.

The vulnerability affects multiple Red Hat Enterprise Linux versions:

  • Red Hat Enterprise Linux 10 (udisks2)
  • Red Hat Enterprise Linux 9 (udisks2)
  • Red Hat Enterprise Linux 8 (udisks2)
  • Red Hat Enterprise Linux 7 (udisks2)
  • Red Hat Enterprise Linux 6 (udisks – out of support scope)

The CVSS v3 vector CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H indicates a local attack vector with low complexity, requiring no privileges or user interaction.

The vulnerability has a Changed scope with Low confidentiality and integrity impact but High availability impact.

The technical impact includes potential memory disclosure of cryptographic keys, personally identifiable information, and memory addresses that could bypass Address Space Layout Randomization (ASLR) protections.

Currently, no mitigation is available other than installing updated packages once they become available.

Organizations using affected Linux distributions should prioritize applying security patches immediately upon release to prevent potential exploitation of this privilege escalation vulnerability.
