The Qualys Threat Research Unit (TRU) has uncovered two interconnected local privilege escalation (LPE) vulnerabilities—CVE-2025-6018 and CVE-2025-6019—that together enable attackers to gain full root access on a wide range of Linux distributions with minimal effort.
These flaws impact both desktop and server installations, and their exploitation requires only a local user session, such as SSH, making them a critical risk for enterprises and individuals alike.
https://gbhackers.com/critical-privileg ... ion-flaws/