Security researchers disclosed a critical local privilege escalation (LPE) vulnerability affecting Fedora, SUSE, and other major Linux distributions.
The flaw, tracked as CVE-2025-6019, resides in the interaction between the udisksd daemon and its backend library, libblockdev.
A proof-of-concept (PoC) exploit has been released, demonstrating how a user in the allow_active group can escalate privileges to root with minimal effort in certain misconfigured environments.
https://gbhackers.com/poc-released-for- ... tion-flaw/