Описание
ELSA-2025-10796: libblockdev security update (IMPORTANT)
[2.18-5.0.1]
- Don't allow suid and dev set on fs resize (CVE-2025-6019)
- [Orabug: 38176252]
Обновленные пакеты
Oracle Linux 7
Oracle Linux x86_64
libblockdev
2.18-5.0.1.el7
libblockdev-btrfs
2.18-5.0.1.el7
libblockdev-btrfs-devel
2.18-5.0.1.el7
libblockdev-crypto
2.18-5.0.1.el7
libblockdev-crypto-devel
2.18-5.0.1.el7
libblockdev-devel
2.18-5.0.1.el7
libblockdev-dm
2.18-5.0.1.el7
libblockdev-dm-devel
2.18-5.0.1.el7
libblockdev-fs
2.18-5.0.1.el7
libblockdev-fs-devel
2.18-5.0.1.el7
libblockdev-kbd
2.18-5.0.1.el7
libblockdev-kbd-devel
2.18-5.0.1.el7
libblockdev-loop
2.18-5.0.1.el7
libblockdev-loop-devel
2.18-5.0.1.el7
libblockdev-lvm
2.18-5.0.1.el7
libblockdev-lvm-devel
2.18-5.0.1.el7
libblockdev-mdraid
2.18-5.0.1.el7
libblockdev-mdraid-devel
2.18-5.0.1.el7
libblockdev-mpath
2.18-5.0.1.el7
libblockdev-mpath-devel
2.18-5.0.1.el7
libblockdev-nvdimm
2.18-5.0.1.el7
libblockdev-nvdimm-devel
2.18-5.0.1.el7
libblockdev-part
2.18-5.0.1.el7
libblockdev-part-devel
2.18-5.0.1.el7
libblockdev-plugins-all
2.18-5.0.1.el7
libblockdev-swap
2.18-5.0.1.el7
libblockdev-swap-devel
2.18-5.0.1.el7
libblockdev-utils
2.18-5.0.1.el7
libblockdev-utils-devel
2.18-5.0.1.el7
libblockdev-vdo
2.18-5.0.1.el7
libblockdev-vdo-devel
2.18-5.0.1.el7
python2-blockdev
2.18-5.0.1.el7
Связанные CVE
Связанные уязвимости
A Local Privilege Escalation (LPE) vulnerability was found in libblockdev. Generally, the "allow_active" setting in Polkit permits a physically present user to take certain actions based on the session type. Due to the way libblockdev interacts with the udisks daemon, an "allow_active" user on a system may be able escalate to full root privileges on the target host. Normally, udisks mounts user-provided filesystem images with security flags like nosuid and nodev to prevent privilege escalation. However, a local attacker can create a specially crafted XFS image containing a SUID-root shell, then trick udisks into resizing it. This mounts their malicious filesystem with root privileges, allowing them to execute their SUID-root shell and gain complete control of the system.
A Local Privilege Escalation (LPE) vulnerability was found in libblockdev. Generally, the "allow_active" setting in Polkit permits a physically present user to take certain actions based on the session type. Due to the way libblockdev interacts with the udisks daemon, an "allow_active" user on a system may be able escalate to full root privileges on the target host. Normally, udisks mounts user-provided filesystem images with security flags like nosuid and nodev to prevent privilege escalation. However, a local attacker can create a specially crafted XFS image containing a SUID-root shell, then trick udisks into resizing it. This mounts their malicious filesystem with root privileges, allowing them to execute their SUID-root shell and gain complete control of the system.
A Local Privilege Escalation (LPE) vulnerability was found in libblockdev. Generally, the "allow_active" setting in Polkit permits a physically present user to take certain actions based on the session type. Due to the way libblockdev interacts with the udisks daemon, an "allow_active" user on a system may be able escalate to full root privileges on the target host. Normally, udisks mounts user-provided filesystem images with security flags like nosuid and nodev to prevent privilege escalation. However, a local attacker can create a specially crafted XFS image containing a SUID-root shell, then trick udisks into resizing it. This mounts their malicious filesystem with root privileges, allowing them to execute their SUID-root shell and gain complete control of the system.
A Local Privilege Escalation (LPE) vulnerability was found in libblock ...