Old 01.09.2025., 22:09   #436
tomek@vz
Premium
Join Date: May 2006
Location: München/Varaždin
Posts: 4,814
Quote:
Red Hat has disclosed a critical security flaw in the Udisks daemon that allows unprivileged users to exploit an out-of-bounds read vulnerability and gain access to files owned by privileged accounts.
The vulnerability, tracked as CVE-2025-8067, was publicly released on August 28, 2025, and has been classified with an Important severity rating by Red Hat Product Security.
Under normal operation, the Udisks daemon provides a D-BUS interface for managing storage devices, including the creation and removal of loop devices.
However, a flaw in the loop device handler fails to properly validate the lower bound of the file index parameter supplied by clients.

> gbhackers
__________________
Lenovo LOQ 15AHP9 83DX || AMD Ryzen 5 8645HS / 16GB DDR5 / Micron M.2 2242 1TB / nVidia Geforce RTX 4050 / Windows 11 Pro
Lenovo Thinkpad L15 Gen 1 || Intel Core i5 10210U / 16GB DDR4 / WD SN730 256GB / Intel UHD / Fedora Workstation 42
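The bug class the quoted article describes (a client-supplied index whose lower bound is not validated), shown beside a check that tests both bounds. This is an added example, not part of the original post and not Udisks code; `struct fd_list` and all function names are hypothetical, and the descriptor values are constructed.

```c
#include <stddef.h>
#include <stdio.h>

/* Hypothetical stand-in for the list of file descriptors a client
 * attaches to a D-Bus call; not the Udisks data structure. */
struct fd_list {
    const int *fds;
    int        count;
};

/* Weak check: only the upper bound is tested. Because idx is signed,
 * a negative value passes and would index memory before fds[0]. */
static int index_ok_upper_only(const struct fd_list *l, int idx)
{
    return idx < l->count;
}

/* Hardened check: both bounds, so negative indexes are rejected. */
static int index_ok(const struct fd_list *l, int idx)
{
    return idx >= 0 && idx < l->count;
}

/* Resolve a client-supplied index to a descriptor, or -1 if invalid. */
static int fd_list_get(const struct fd_list *l, int idx)
{
    if (l == NULL || l->fds == NULL || !index_ok(l, idx))
        return -1;
    return l->fds[idx];
}

int main(void)
{
    static const int sample[] = { 7, 8, 9 };   /* constructed sample fds */
    struct fd_list l = { sample, 3 };
    int probes[] = { 0, 2, 3, -1, -1000 };

    /* Compare what each check accepts; only the hardened path reads. */
    for (size_t i = 0; i < sizeof probes / sizeof probes[0]; i++)
        printf("idx=%5d upper-only=%d both=%d fd=%d\n", probes[i],
               index_ok_upper_only(&l, probes[i]),
               index_ok(&l, probes[i]), fd_list_get(&l, probes[i]));
    return 0;
}
```

The weak predicate is only evaluated, never used to dereference, so the program stays well-defined while showing which indexes each check would let through.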