Red Hot Cyber


Critical Linux Vulnerability: CVSS 8.5 Vulnerability Discovered in UDisks Daemon

Redazione RHC : 1 September 2025 13:50

A critical security flaw was recently discovered in the Linux UDisks daemon that could allow unprivileged attackers to access files belonging to highly privileged users. The vulnerability, tracked as CVE-2025-8067, was disclosed on August 28, 2025, with a CVSS v3 score of 8.5, underscoring its significance.

The vulnerability is caused by an input validation error in the UDisks daemon's device manager, which processes requests through the D-Bus interface. The flaw occurs when the daemon processes two specific parameters: an index value that determines the backing file for creating the loop device, and the list of file descriptors.

Although the daemon correctly validates the index parameter to ensure it doesn’t exceed the maximum allowed values, it fails to validate the lower bound. This oversight allows attackers to provide negative index values, resulting in an out-of-bounds read condition classified as CWE-125.
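The bounds-check pattern described above, shown as an added illustration and not code taken from UDisks; the `fd_list` structure, the function names and the sample values are constructed for this example.

```c
#include <stdio.h>

/* Constructed stand-in for the file descriptors attached to a request. */
struct fd_list {
    const int *fds;
    int count;
};

/* Flawed pattern: only the upper bound is checked, so any negative
 * signed index is accepted. */
static int index_ok_upper_only(const struct fd_list *l, int idx)
{
    return idx < l->count;
}

/* Hardened check: both bounds are enforced. */
static int index_ok(const struct fd_list *l, int idx)
{
    return idx >= 0 && idx < l->count;
}

/* Returns the descriptor at idx, or -1 if the request must be rejected.
 * The array is only touched after the index passes the full check. */
static int fd_list_get(const struct fd_list *l, int idx)
{
    if (l == NULL || l->fds == NULL || !index_ok(l, idx))
        return -1;
    return l->fds[idx];
}

int main(void)
{
    const int fds[] = { 7, 8, 9 };            /* constructed sample values */
    const struct fd_list l = { fds, 3 };
    const int probes[] = { 0, 2, 3, -1, -4096 };

    for (size_t i = 0; i < sizeof probes / sizeof probes[0]; i++) {
        int idx = probes[i];
        printf("idx=%6d  upper-only accepts=%d  full check accepts=%d  result=%d\n",
               idx, index_ok_upper_only(&l, idx), index_ok(&l, idx),
               fd_list_get(&l, idx));
    }
    return 0;
}
```

The upper-only check and the full check agree on every non-negative index and differ only on negative ones, which is why the missing lower bound is easy to overlook in testing with ordinary inputs.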

The vulnerability allows unprivileged users to create loop devices via the D-Bus system interface, potentially causing the UDisks daemon to crash or, more seriously, facilitating local privilege escalation.

Attackers can exploit this flaw to access sensitive files owned by privileged users, bypassing normal permission checks. Security researcher Michael Imfeld discovered and reported this vulnerability to Red Hat. Red Hat's Product Security team has classified this vulnerability as important due to its low complexity of exploitation and significant potential for privilege escalation.

The CVSS v3 vector CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H indicates a local attack vector with low complexity, requiring no privileges or user interaction. The vulnerability has a changed scope, with low impact on confidentiality and integrity but high impact on availability.

The technical impact includes the potential disclosure of cryptographic key storage, personally identifiable information, and memory addresses that could be used to bypass Address Space Layout Randomization (ASLR) protections.
