CISA Alerts to Active Exploitation of Critical Linux Kernel Privilege Flaws
Originally Published 6 months ago — by BleepingComputer
Two critical local privilege escalation vulnerabilities in Linux's udisks and PAM framework can allow attackers to gain root access on major Linux distributions. The flaws, CVE-2025-6018 and CVE-2025-6019, are especially dangerous because udisks is widely used by default, and exploits have been demonstrated on popular distros like Ubuntu, Debian, Fedora, and openSUSE. Immediate patching is strongly recommended to prevent potential system compromises.