
June 19, 2025

Urgent Security Alert: Major Linux Distros Vulnerable to Root-Level Threat – Update Now!

 

Linux server administrators should prioritize patching their systems immediately due to recently discovered vulnerabilities that allow any unprivileged user to gain root access.

The first vulnerability, identified as CVE-2025-6018, is a misconfiguration in the PAM (Pluggable Authentication Modules) framework on openSUSE Leap 15 and SUSE Linux Enterprise 15 in which the "allow_active" flag has been incorrectly set. This flaw enables non-local unprivileged users, simply by SSH-ing into the machine, to perform actions that require elevated privileges, such as rebooting or shutting it down.

The second vulnerability, CVE-2025-6019, poses a much more significant risk. It is an issue within the libblockdev library used by the udisks daemon, which is included by default in most Linux distributions. If the "allow_active" flag is set to "yes" due to the first misconfiguration, an unprivileged user can escalate to full root access. To rectify this situation, Qualys recommends that administrators change the default policy for the "org.freedesktop.udisks2.modify-device" action, modifying "allow_active" from "yes" to "auth_admin".
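The following check is an added example, not code from Qualys or from the original post: it parses a polkit `.policy` file and reports whether the "org.freedesktop.udisks2.modify-device" action still grants active sessions access without administrator authentication. The embedded sample policy, the second action id in it and the function names are constructed for illustration; `/usr/share/polkit-1/actions` is assumed to be where the distribution installs its policy files.

```python
import glob
import xml.etree.ElementTree as ET

TARGET_ACTION = "org.freedesktop.udisks2.modify-device"  # action named in the advisory
# allow_active values that do not require administrator authentication
WEAK_VALUES = {"yes", "auth_self", "auth_self_keep"}

# Constructed sample in the polkit .policy format (not copied from a real system).
SAMPLE_POLICY = """<policyconfig>
  <action id="org.freedesktop.udisks2.modify-device">
    <defaults>
      <allow_any>auth_admin</allow_any>
      <allow_inactive>auth_admin</allow_inactive>
      <allow_active>yes</allow_active>
    </defaults>
  </action>
  <action id="org.freedesktop.udisks2.example-hardened">
    <defaults>
      <allow_active>auth_admin</allow_active>
    </defaults>
  </action>
</policyconfig>"""

def allow_active_by_action(policy_xml):
    """Map each action id to its <defaults>/<allow_active> value ('unset' if absent)."""
    root = ET.fromstring(policy_xml)  # accepts str or bytes
    result = {}
    for action in root.iter("action"):
        value = action.findtext("defaults/allow_active", default="unset")
        result[action.get("id")] = value.strip()
    return result

def needs_hardening(policy_xml, action_id=TARGET_ACTION):
    """True when the action is defined and its allow_active value is a weak one."""
    return allow_active_by_action(policy_xml).get(action_id) in WEAK_VALUES

if __name__ == "__main__":
    print("sample policy needs hardening:", needs_hardening(SAMPLE_POLICY))
    # Assumed install location of the distribution's policy files.
    for path in sorted(glob.glob("/usr/share/polkit-1/actions/*.policy")):
        with open(path, "rb") as fh:
            if needs_hardening(fh.read()):
                print(f"{path}: {TARGET_ACTION} has a weak allow_active; set it to auth_admin")
```

Policy files shipped by a package can be replaced on update, so rerun the check after upgrading udisks or polkit.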

Qualys emphasizes that these vulnerabilities represent a "critical, universal risk," highlighting the urgency for all Linux administrators to patch their systems promptly to prevent exploitation.

For further details, see the Qualys blog for an in-depth analysis of the vulnerabilities.

