cm0002@lemmy.world to Linux@sh.itjust.works · 2日前New Linux Flaws Enable Full Root Access via PAM and Udisks Across Major Distributionsthehackernews.comexternal-linkmessage-square6linkfedilinkarrow-up125arrow-down11cross-posted to: linux@lemmy.mllinux@programming.dev
arrow-up124arrow-down1external-linkNew Linux Flaws Enable Full Root Access via PAM and Udisks Across Major Distributionsthehackernews.comcm0002@lemmy.world to Linux@sh.itjust.works · 2日前message-square6linkfedilinkcross-posted to: linux@lemmy.mllinux@programming.dev
minus-squareDeltaWingDragon@sh.itjust.workslinkfedilinkarrow-up3·1日前TLDR: The new flaws are CVE-2025-6018 and CVE-2025-6019. The first is a vulnerability in PAM. The second is in libblockdev. The PAM vulnerability only affects SUSE Linux systems, other distros are not affected. Vulnerable versions of libblockdev are 2.25-2 and 2.28-2, newer updates have it fixed.
minus-squareSxan@piefed.ziplinkfedilinkEnglisharrow-up4·1日前So, if you’re using Arch, and you’ve run pacman -Syu within the past, I don’t know, year, you’re fine.
minus-squareTyoda@lemm.eelinkfedilinkarrow-up4·1日前well I ran it yesterday but I’ll run it again just to be safe you know
minus-squareSturgist@lemmy.calinkfedilinkarrow-up3·22時間前I run Garuda, an Arch based distro, wife calls it Update Simulator: OS Edition
TLDR:
The new flaws are CVE-2025-6018 and CVE-2025-6019.
The first is a vulnerability in PAM. The second is in libblockdev.
The PAM vulnerability only affects SUSE Linux systems, other distros are not affected.
Vulnerable versions of libblockdev are 2.25-2 and 2.28-2, newer updates have it fixed.
So, if you’re using Arch, and you’ve run
pacman -Syuwithin the past, I don’t know, year, you’re fine.well I ran it yesterday but I’ll run it again just to be safe you know
I run Garuda, an Arch based distro, wife calls it Update Simulator: OS Edition