24h | 7d | 30d

Overview

  • Red Hat
  • Red Hat Enterprise Linux 10
  • libblockdev

19 Jun 2025
Published
11 Nov 2025
Updated

CVSS
Pending
EPSS
0.01%

KEV

Description

A Local Privilege Escalation (LPE) vulnerability was found in libblockdev. Generally, the "allow_active" setting in Polkit permits a physically present user to take certain actions based on the session type. Due to the way libblockdev interacts with the udisks daemon, an "allow_active" user on a system may be able escalate to full root privileges on the target host. Normally, udisks mounts user-provided filesystem images with security flags like nosuid and nodev to prevent privilege escalation. However, a local attacker can create a specially crafted XFS image containing a SUID-root shell, then trick udisks into resizing it. This mounts their malicious filesystem with root privileges, allowing them to execute their SUID-root shell and gain complete control of the system.

Statistics

  • 1 Post

Last activity: 20 hours ago

Bluesky

Profile picture fallback
No Kernel, No Problem: Chaining CVE-2025-6018 & CVE-2025-6019 for Root on a Patched Linux Box + Video Introduction: Modern Linux security relies on defense-in-depth, assuming that while the kernel is hardened, user-space misconfigurations can still lead to full system compromise. This article…
  • 0
  • 0
  • 0
  • 20h ago

Overview

  • Pending

13 Jul 2023
Published
30 Oct 2024
Updated

CVSS
Pending
EPSS
0.03%

KEV

Description

coreruleset (aka OWASP ModSecurity Core Rule Set) through 3.3.4 does not detect multiple Content-Type request headers on some platforms. This might allow attackers to bypass a WAF with a crafted payload, aka "Content-Type confusion" between the WAF and the backend application. This occurs when the web application relies on only the last Content-Type header. Other platforms may reject the additional Content-Type header or merge conflicting headers, leading to detection as a malformed header.

Statistics

  • 1 Post

Last activity: 15 hours ago

Bluesky

Profile picture fallback
🚨 #Debian LTS DLA-4488-1: Critical ModSecurity CRS patches released Fixes 2 high-impact WAF bypasses: 🔹 CVE-2023-38199: "Content-Type confusion" attacks. 🔹 CVE-2026-21876: Multipart request parsing logic flaw. Read mroe: 👉 tinyurl.com/42jjnmt4 #Security
  • 0
  • 0
  • 0
  • 15h ago

Overview

  • pam

23 Jul 2025
Published
06 Nov 2025
Updated

CVSS
Pending
EPSS
0.09%

KEV

Description

A Local Privilege Escalation (LPE) vulnerability has been discovered in pam-config within Linux Pluggable Authentication Modules (PAM). This flaw allows an unprivileged local attacker (for example, a user logged in via SSH) to obtain the elevated privileges normally reserved for a physically present, "allow_active" user. The highest risk is that the attacker can then perform all allow_active yes Polkit actions, which are typically restricted to console users, potentially gaining unauthorized control over system configurations, services, or other sensitive operations.

Statistics

  • 1 Post

Last activity: 20 hours ago

Bluesky

Profile picture fallback
No Kernel, No Problem: Chaining CVE-2025-6018 & CVE-2025-6019 for Root on a Patched Linux Box + Video Introduction: Modern Linux security relies on defense-in-depth, assuming that while the kernel is hardened, user-space misconfigurations can still lead to full system compromise. This article…
  • 0
  • 0
  • 0
  • 20h ago
Showing 21 to 23 of 23 CVEs