[tomek@vz]

Citiraj:

Red Hat has disclosed a critical security flaw in the Udisks daemon that allows unprivileged users to exploit an out-of-bounds read vulnerability and gain access to files owned by privileged accounts.
The vulnerability, tracked as CVE-2025-8067, was publicly released on August 28, 2025, and has been classified with an Important severity rating by Red Hat Product Security.
Under normal operation, the Udisks daemon provides a D-BUS interface for managing storage devices, including the creation and removal of loop devices.
However, a flaw in the loop device handler fails to properly validate the lower bound of the file index parameter supplied by clients.

> gbhackers