New Linux Flaws Enable Full Root Access via PAM and Udisks Across Major Distributions
New Linux Flaws Enable Full Root Access via PAM and Udisks Across Major Distributions
thehackernews.com
New Linux Flaws Enable Full Root Access via PAM and Udisks Across Major Distributions
TLDR:
The new flaws are CVE-2025-6018 and CVE-2025-6019.
The first is a vulnerability in PAM. The second is in libblockdev.
The PAM vulnerability only affects SUSE Linux systems, other distros are not affected.
Vulnerable versions of libblockdev are 2.25-2 and 2.28-2, newer updates have it fixed.
So, if you're using Arch, and you've run
pacman -Syuwithin the past, I don't know, year, you're fine.well I ran it yesterday but I'll run it again just to be safe you know