Linux UDisks Daemon Vulnerability Lets Attackers Access Privileged User Files
Posted: Sun Sep 07, 2025 8:10 am
Red Hat has disclosed a critical security flaw in the Udisks daemon that allows unprivileged users to exploit an out-of-bounds read vulnerability and gain access to files owned by privileged accounts.
The vulnerability, tracked as CVE-2025-8067, was publicly released on August 28, 2025, and has been classified with an Important severity rating by Red Hat Product Security.
Under normal operation, the Udisks daemon provides a D-BUS interface for managing storage devices, including the creation and removal of loop devices.
https://gbhackers.com/linux-udisks-daem ... erability/
The vulnerability, tracked as CVE-2025-8067, was publicly released on August 28, 2025, and has been classified with an Important severity rating by Red Hat Product Security.
Under normal operation, the Udisks daemon provides a D-BUS interface for managing storage devices, including the creation and removal of loop devices.
https://gbhackers.com/linux-udisks-daem ... erability/