{"id":"AZL-64187","summary":"CVE-2025-6019 affecting package libblockdev 2.28-3","details":"A Local Privilege Escalation (LPE) vulnerability was found in libblockdev. Generally, the \"allow_active\" setting in Polkit permits a physically present user to take certain actions based on the session type. Due to the way libblockdev interacts with the udisks daemon, an \"allow_active\" user on a system may be able to escalate to full root privileges on the target host. Normally, udisks mounts user-provided filesystem images with security flags like nosuid and nodev to prevent privilege escalation. However, a local attacker can create a specially crafted XFS image containing a SUID-root shell, then trick udisks into resizing it. This mounts their malicious filesystem with root privileges, allowing them to execute their SUID-root shell and gain complete control of the system.","modified":"2026-04-21T04:32:19.471554Z","published":"2025-06-19T12:15:19Z","upstream":["CVE-2025-6019"],"references":[{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-6019"}],"affected":[{"package":{"name":"libblockdev","ecosystem":"Azure Linux:2","purl":"pkg:rpm/azure-linux/libblockdev"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"last_affected":"2.28-3"}]}],"database_specific":{"source":"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-64187.json"}}],"schema_version":"1.7.5"}