努力挣扎的生活
yangfk
2025-08-08

libblockdev库本地提权漏洞(CVE-2025-6019)

//
Linux系统libblockdev库本地提权漏洞(NVDB-CNVDB-2025637145/CVE-2025-6019)
拥有allow_active用户组权限的攻击者可通过udisks服务利用该漏洞提升至root权限,进而控制系统,Ubuntu、Debian、Fedora、openSUSE Leap 15 等默认安装udisks服务的Linux发生版均受此影响。

# ubunut22.04

  • 添加ubuntu官方源
cat >>/etc/apt/source.list<<'EOF'
deb http://archive.ubuntu.com/ubuntu jammy main restricted universe multiverse
deb http://archive.ubuntu.com/ubuntu jammy-updates main restricted universe multiverse
EOF
apt update -y
1
2
3
4
5
  • 离线下载包
mkdir libblockdev2  && cd  libblockdev2
apt download libblockdev2 libblockdev-utils2 libblockdev-crypto2 libblockdev-part-err2 \
libblockdev-part2 libblockdev-fs2 libblockdev-btrfs2 libblockdev-lvm2 libblockdev-mdraid2 \
libblockdev-part-err2  libblockdev-btrfs2 libbytesize1 libbytesize-common libblockdev-loop2 libblockdev-swap2
1
2
3
4
  • 安装
dpki -i ./*
systemctl restart udisks2.service
1
2
//
如果此文章对您有帮助,点击 -->> 请博主喝咖啡 (opens new window)
Linux Polkit 权限提升漏洞(CVE-2021-4034)
minio分布式文件存储

minio分布式文件存储

最近更新
01
postgreSQL通过keepalived配置主从自动切换
 06-30
02
ubuntu2204编译安装php7.4.33
 06-30
03
nginx之resolver解析
 06-19
更多文章>
Theme by Vdoing | Copyright © 2019-2025 yangfk | 湘ICP备2021014415号-1
×
//