libblockdev could be made to run programs as an administrator.
Software Description:
- libblockdev: libblockdev introspection data
Details:
USN-7577-1 fixed a vulnerability in libblockdev. This update provides
the corresponding update for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
Original advisory details:
It was discovered that libblockdev incorrectly handled mount options when
resizing certain filesystems. A local attacker with an active session on
the console can use this issue to escalate their privileges to root.
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS
libblockdev2 2.23-2ubuntu3+esm1
Available with Ubuntu Pro
Ubuntu 18.04 LTS
libblockdev2 2.16-2ubuntu0.1~esm1
Available with Ubuntu Pro
After a standard system update you need to reboot your computer to make all
the necessary changes.https://ubuntu.com/security/notices/USN-7577-2
https://ubuntu.com/security/notices/USN-7577-1
CVE-2025-6019
Get the latest Linux and open source security news straight to your inbox.