New Linux udisks flaw lets attackers get root on major Linux distros

June 18, 2025

New Linux udisks flaw lets attackers get root on major Linux distros

Attackers can exploit two newly discovered local privilege escalation (LPE) vulnerabilities to gain root privileges on systems running major Linux distributions.
The first flaw (tracked as CVE-2025-60 …

Published Date:
Jun 18, 2025 (5 hours, 49 minutes ago)

Vulnerabilities has been mentioned in this article.

Source: Read More

Previous ArticleBeyondTrust warns of pre-auth RCE in Remote Support software

Next Article Cyberagentschap VS meldt actief misbruik van lek in Linux-kernel

Highlights

CVE-2025-4748 – Erlang OTP Path Traversal Vulnerability

June 16, 2025

CVE ID : CVE-2025-4748

Published : June 16, 2025, 11:15 a.m. | 3 hours, 5 minutes ago

Description : Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in Erlang OTP (stdlib modules) allows Absolute Path Traversal, File Manipulation. This vulnerability is associated with program files lib/stdlib/src/zip.erl and program routines zip:unzip/1, zip:unzip/2, zip:extract/1, zip:extract/2 unless the memory option is passed.

This issue affects OTP from OTP 17.0 until OTP 28.0.1, OTP 27.3.4.1 and OTP 26.2.5.13, corresponding to stdlib from 2.0 until 7.0.1, 6.2.2.1 and 5.2.3.4.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Modernizing your approach to governance, risk and compliance

ScyllaDB X Cloud’s autoscaling capabilities meet the needs of unpredictable workloads in real time

Parasoft C/C++test 2025.1, Secure Code Warrior AI Security Rules, and more – Daily News Digest

What I Wish Someone Told Me When I Was Getting Into ARIA

Hades 2 gets another major update bringing new art, godly powers, and romance as Supergiant gets ready for the game’s full release

Sam Altman says OpenAI could need a “significant fraction” of the Earth’s power for future artificial intelligence computing

Microsoft’s Windows 95 testing phase was so intense that it crashed cash registers with over $10,000 worth of software

The biggest rival for Microsoft’s Xbox Ally is Valve’s Steam Deck, not Switch 2, so stop comparing the wrong gaming handhelds

Microsoft Copilot for Power Platform

Microsoft Copilot for Power Platform

Integrate Coveo Atomic CLI-Based Hosted Search Page into Adobe Experience Manager (AEM)

Mastering TypeScript: Your Ultimate Guide to Types, Inference & Compatibility

Hades 2 gets another major update bringing new art, godly powers, and romance as Supergiant gets ready for the game’s full release

Hades 2 gets another major update bringing new art, godly powers, and romance as Supergiant gets ready for the game’s full release

Sam Altman says OpenAI could need a “significant fraction” of the Earth’s power for future artificial intelligence computing

Microsoft’s Windows 95 testing phase was so intense that it crashed cash registers with over $10,000 worth of software

New Linux udisks flaw lets attackers get root on major Linux distros

New Linux udisks flaw lets attackers get root on major Linux distros

Cyberagentschap VS meldt actief misbruik van lek in Linux-kernel

BeyondTrust warns of pre-auth RCE in Remote Support software

Critical Linux Root Exploit Chain Discovered in PAM & UDisks, Affecting Major Distros

CVE-2025-3898 – Apache Webserver Denial of Service Vulnerability

Atomfall finally fixes the audio bug that almost made me quit

CVE-2025-48489 – FreeScout Cross-Site Scripting (XSS) Vulnerability

CVE-2025-4748 – Erlang OTP Path Traversal Vulnerability

CVE-2025-47959 – Visual Studio Command Injection Vulnerability

CVE-2025-26844 – Znuny Cookie Without HttpOnly Flag Vulnerability

CVE-2025-32917 – Checkmk Java Home Privilege Escalation

New Linux udisks flaw lets attackers get root on major Linux distros

New Linux udisks flaw lets attackers get root on major Linux distros

Related Posts