New Linux Flaws Enable Full Root Access via PAM and Udisks Across Major Distributions
Briefly

Cybersecurity researchers have identified two significant local privilege escalation vulnerabilities in popular Linux distributions that let a local attacker gain root privileges. Discovered by Qualys and tracked as CVE-2025-6018 and CVE-2025-6019, the flaws lie in Pluggable Authentication Modules (PAM) and the udisks daemon respectively. An attacker holding a local session can chain these legitimate services to bypass polkit's authorization checks and escalate to root quickly. Because the affected components ship in many distributions, the risk is broad: a successful exploit can alter the system and install backdoors.
These modern 'local-to-root' exploits have collapsed the gap between an ordinary logged-in user and a full system takeover, said Saeed Abbasi, Senior Manager at Qualys Threat Research Unit (TRU).
By chaining legitimate services such as udisks loop-mounts and PAM/environment quirks, attackers who own any active GUI or SSH session can vault across polkit's allow_active trust zone and emerge as root in seconds.
Read at The Hacker News