Unix News Tutorials Events and Stuff: [USN-7578-1] UDisks vulnerability

Wednesday, June 18, 2025

[USN-7578-1] UDisks vulnerability

-----BEGIN PGP SIGNATURE-----

wsF5BAABCAAjFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAmhS5esFAwAAAAAACgkQZWnYVadEvpOn
pRAAnuxzepCjo0cGBm1FaGPiwvpGxecHtl2Om0lnUfpbjM139actx7q9yOVQUFkBKDG97iJAOC//
zU6LxPGIkX2TPx3Etxk1fBO16b7n0pSOjzGPc6poFR3Tw3VkuMpT4VLlNIwtFTxNji0GwD3AXVT5
uo6BNkZJBr2+4ObfVU6ggPq8UyZrVk3+Kb2zv8ER7e+dM7VNRjB0E9FSgoijWvu17REJARq7RuMp
VHsd/eiPS0bHWEpvuEl4rhpCuannSVIKCdxsDmwlAB9V3Hs8Z0+G4AzhOiSp0oL8y3xLpq3SSAOX
M8KdtrNk0LkrRvbB+WoeA5X059wCut5Z8JV6OVGbeVF6BgI696JJBhDKt46/2wi9vTBZ7C6scZb6
F1VCZDSLz00utu5Zjzix9r5ARlCwT00erekZt4u1a+f6E+fRF2K9Q3zFLfUxFsVdpvZyZ4wf2UBk
4d6RyZ7XXEUqwPvOQAs2oiluST/kS5Rp2Ar5zIwQLeqruC/jL1xR4wlsvHIZ8282dZF+FPDdIrJR
RRBW7J79+RcE3PosVjgDWvtocCn0gEsa8PJxS57Z1zjAXUgDEo+SlyvwJ8dUgGJ9xB+UzT+frPsa
czXdd1pBg6uMS/zUpuCSLmf+9HdoNEbygHKbJ+PPYzQoz6uGIQh51G4NWFIKnspndRGhk1fZE3+6
ZLg=
=EZId
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-7578-1
June 18, 2025

udisks2 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.04
- Ubuntu 24.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

UDisks could be made to run programs as an administrator.

Software Description:
- udisks2: service to access and manipulate storage devices

Details:

It was discovered that UDisks incorrectly handled mount options when
resizing certain filesystems. A local attacker with an active session on
the console can use this issue to escalate their privileges to root.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.04
libudisks2-0 2.10.1-11ubuntu2.2
udisks2 2.10.1-11ubuntu2.2

Ubuntu 24.10
libudisks2-0 2.10.1-9ubuntu3.2
udisks2 2.10.1-9ubuntu3.2

Ubuntu 24.04 LTS
libudisks2-0 2.10.1-6ubuntu1.2
udisks2 2.10.1-6ubuntu1.2

Ubuntu 22.04 LTS
libudisks2-0 2.9.4-1ubuntu2.2
udisks2 2.9.4-1ubuntu2.2

After a standard system update you need to reboot your computer to make all
the necessary changes.

References:
https://ubuntu.com/security/notices/USN-7578-1
CVE-2025-6019

Package Information:
https://launchpad.net/ubuntu/+source/udisks2/2.10.1-11ubuntu2.2
https://launchpad.net/ubuntu/+source/udisks2/2.10.1-9ubuntu3.2
https://launchpad.net/ubuntu/+source/udisks2/2.10.1-6ubuntu1.2
https://launchpad.net/ubuntu/+source/udisks2/2.9.4-1ubuntu2.2

Wednesday, June 18, 2025

[USN-7578-1] UDisks vulnerability

No comments:

Post a Comment