libblockdev-2.28-14.el9_6
エラータID: AXSA:2025-10552:03
リリース日:
2025/07/22 Tuesday - 19:26
題名:
libblockdev-2.28-14.el9_6
影響のあるチャネル:
MIRACLE LINUX 9 for x86_64
Severity:
High
Description:
The libblockdev packages provide a C library with GObject introspection support used for low-level operations on block devices. The library serves as a thin wrapper around plug-ins for specific functionality, such as LVM, Btrfs, LUKS, or MD RAID.
Security Fix(es):
* libblockdev: LPE from allow_active to root in libblockdev via udisks (CVE-2025-6019)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2025-6019
A Local Privilege Escalation (LPE) vulnerability was found in libblockdev. Generally, the "allow_active" setting in Polkit permits a physically present user to take certain actions based on the session type. Due to the way libblockdev interacts with the udisks daemon, an "allow_active" user on a system may be able escalate to full root privileges on the target host. Normally, udisks mounts user-provided filesystem images with security flags like nosuid and nodev to prevent privilege escalation. However, a local attacker can create a specially crafted XFS image containing a SUID-root shell, then trick udisks into resizing it. This mounts their malicious filesystem with root privileges, allowing them to execute their SUID-root shell and gain complete control of the system.
解決策:
Update packages.
CVE:
CVE-2025-6019
A Local Privilege Escalation (LPE) vulnerability was found in libblockdev. Generally, the "allow_active" setting in Polkit permits a physically present user to take certain actions based on the session type. Due to the way libblockdev interacts with the udisks daemon, an "allow_active" user on a system may be able escalate to full root privileges on the target host. Normally, udisks mounts user-provided filesystem images with security flags like nosuid and nodev to prevent privilege escalation. However, a local attacker can create a specially crafted XFS image containing a SUID-root shell, then trick udisks into resizing it. This mounts their malicious filesystem with root privileges, allowing them to execute their SUID-root shell and gain complete control of the system.
A Local Privilege Escalation (LPE) vulnerability was found in libblockdev. Generally, the "allow_active" setting in Polkit permits a physically present user to take certain actions based on the session type. Due to the way libblockdev interacts with the udisks daemon, an "allow_active" user on a system may be able escalate to full root privileges on the target host. Normally, udisks mounts user-provided filesystem images with security flags like nosuid and nodev to prevent privilege escalation. However, a local attacker can create a specially crafted XFS image containing a SUID-root shell, then trick udisks into resizing it. This mounts their malicious filesystem with root privileges, allowing them to execute their SUID-root shell and gain complete control of the system.
追加情報:
N/A
ダウンロード:
SRPMS
- libblockdev-2.28-14.el9_6.src.rpm
MD5: 09b9f5a14e57ea9c07a5f8b4456736ec
SHA-256: b7f23dd668b76999a9ff81a062a3356638777cc704699969963454c5c0a0fed3
Size: 1.02 MB
Asianux Server 9 for x86_64
- libblockdev-2.28-14.el9_6.i686.rpm
MD5: 85094db8793140d9ee7c50c7f69708b2
SHA-256: 6a4ca188e271c714af923fb29e149de07b78d2a6048db382e83a0ff28e34e16c
Size: 92.83 kB - libblockdev-2.28-14.el9_6.x86_64.rpm
MD5: fc93f9ec9827cbac2ec9d8d91536b544
SHA-256: 5cb8fb82708cff3ff84e8e109daec7b84fc90a4cc7b989e87eebf5daa48c0c88
Size: 89.87 kB - libblockdev-crypto-2.28-14.el9_6.i686.rpm
MD5: 328186ad232360bdd92f96a7898af0a8
SHA-256: 5f22d054fead2ddf26b8bd8229d846b91335db80bd482725e6a36a7b06d55219
Size: 30.75 kB - libblockdev-crypto-2.28-14.el9_6.x86_64.rpm
MD5: 6adb4e58aebebf9aca8a5808d99bf166
SHA-256: 3ea436b069b0549bd03ae0aaa392627e3525368b205e63dd723c5a089f1f4c46
Size: 28.27 kB - libblockdev-dm-2.28-14.el9_6.i686.rpm
MD5: 73da6c974a99a4573cc0974a8c27c50f
SHA-256: 2834e3b5ad1608339837e598f20fdefadeedfce4fbc80cd336697c6174d3ea60
Size: 14.98 kB - libblockdev-dm-2.28-14.el9_6.x86_64.rpm
MD5: 517395f317112bfd6650e2fb3481428b
SHA-256: 7197d390bba345cf291388ae33782047fc6a8ac2f16738ed687e72a112c012ca
Size: 14.59 kB - libblockdev-fs-2.28-14.el9_6.i686.rpm
MD5: 37fa3c459fbf026c347c888a65ce84d3
SHA-256: dae85c12f52e4b74bb02de2ed18d248edfb036b431f4a54700f71fcf87c75f35
Size: 33.13 kB - libblockdev-fs-2.28-14.el9_6.x86_64.rpm
MD5: 097ca9cf26ccd4b9462acdf9932f962d
SHA-256: 4d7752d7d1591445c67fa9034e112bba133ce26fbb9ae43baca6552793a3b02b
Size: 30.33 kB - libblockdev-kbd-2.28-14.el9_6.i686.rpm
MD5: 75b25b7ba46c6eb26f4df89cd9a0add1
SHA-256: 9dbb4ec0e9519626b775e1eff4e6332b0f0fafa31aa34c0b01e51d54dae13284
Size: 23.70 kB - libblockdev-kbd-2.28-14.el9_6.x86_64.rpm
MD5: 3fe13c0caee58f5ba980e5ade057a50a
SHA-256: c71e33f90d1b191dc28fa1e856f74432ab576d539f05cb9e740517be0790855a
Size: 21.50 kB - libblockdev-loop-2.28-14.el9_6.i686.rpm
MD5: e95da882078406e7550945b98ec5462b
SHA-256: 6ad921d734d808632ad450f3d1534d1d42491a7fb0c245e074f552092223c7fb
Size: 14.99 kB - libblockdev-loop-2.28-14.el9_6.x86_64.rpm
MD5: 5396e7792b11014a430dc959fd687a74
SHA-256: ab6b2587a15004219b09148692d7720d6b6c6886a247e7942f99e585a153ae26
Size: 14.44 kB - libblockdev-lvm-2.28-14.el9_6.i686.rpm
MD5: edcfb3eef693aa7238e246e8c94a6b61
SHA-256: d171bdb07d7e8aaaab6179cf98422a3e00145615cf0d3bd1e7bbdc0435d0b9a6
Size: 37.29 kB - libblockdev-lvm-2.28-14.el9_6.x86_64.rpm
MD5: a6070006254df89b19a5111233a4a9a9
SHA-256: e272505dde15fa46ce32312f184971bee7bb9edd06c820cbc433b61eb99825bb
Size: 32.74 kB - libblockdev-lvm-dbus-2.28-14.el9_6.i686.rpm
MD5: 417925f6a5f4531eac1c4a6031f1519f
SHA-256: 22c16222b1a2166e94d09e2a00eb6e29e9d868ca309cb4ca1e662139659982fc
Size: 44.46 kB - libblockdev-lvm-dbus-2.28-14.el9_6.x86_64.rpm
MD5: 6500873f55212d9824f57b7ee6119b20
SHA-256: 07702207368a728918e0eb410c734a8ed6c9b5f5264b60db6ebc930e00c0477d
Size: 39.08 kB - libblockdev-mdraid-2.28-14.el9_6.i686.rpm
MD5: fdf22c4c47ae2c9b285da466dda27787
SHA-256: bf35139d4d6b6c6ccadde28f429111616f2b5452d059bb7e6e607143ceca6105
Size: 21.75 kB - libblockdev-mdraid-2.28-14.el9_6.x86_64.rpm
MD5: 7fdc797fc19e3a577552be52a57645ac
SHA-256: d83d27e5e21ce7f13847aa4da2124f14ed4da954a8ff59004affbc65f9fd603e
Size: 20.12 kB - libblockdev-mpath-2.28-14.el9_6.i686.rpm
MD5: 0d57ea6dbd1d759c8fc6b0491e59bf76
SHA-256: 9de631d41165b56423679b9a96d632c404db8a7db744370ec9d6629cd362b8d4
Size: 16.41 kB - libblockdev-mpath-2.28-14.el9_6.x86_64.rpm
MD5: ff9f0f39f5b3fbe1150404d597fda8b9
SHA-256: e9b770ae71a5a8074e995479d84d85b5fc8709b0f643fa83596a47cb2f1757a0
Size: 15.53 kB - libblockdev-nvdimm-2.28-14.el9_6.i686.rpm
MD5: 6070c1c963ccca19c755fdcdf4164562
SHA-256: ea23c86a3de42e303682cbd381fac690200c72789fea416944197ad006fc6f0c
Size: 16.78 kB - libblockdev-nvdimm-2.28-14.el9_6.x86_64.rpm
MD5: 4de38ffff8397437814a6b67e35ebbd7
SHA-256: 203386d947f1d6aa5f8a7b6bd4ec224e387539e31c4d46c9b7b7f5b030601b7b
Size: 16.17 kB - libblockdev-nvme-2.28-14.el9_6.i686.rpm
MD5: a12b9d9edae089070757109d3656d01a
SHA-256: 37665c7aea7dca4fdcd3fde0f05d1aff23ae7c436a7448169042c409f64083f6
Size: 29.08 kB - libblockdev-nvme-2.28-14.el9_6.x86_64.rpm
MD5: 67ee2dffed1c39333ce9f886302089a3
SHA-256: 8be682b49fa76b7042e1d85da291f29f8f176ba1bf11aa26e49a4f05d2ce594a
Size: 26.57 kB - libblockdev-part-2.28-14.el9_6.i686.rpm
MD5: e52530c96324b5bb4c7401647c045bc1
SHA-256: 17f0eabb140e7a4d136bc06ad0957cc2309463c52bb5c965074ae3fa7f5d3e7c
Size: 26.18 kB - libblockdev-part-2.28-14.el9_6.x86_64.rpm
MD5: 0ece915b49ccbbc34522a41d91456dc7
SHA-256: c2f9ff57d516c5aa133e17b0456e1ab21fdd090d5557f81709edb97da576c171
Size: 23.14 kB - libblockdev-plugins-all-2.28-14.el9_6.x86_64.rpm
MD5: dc48f41253c453a4c7287524560427d3
SHA-256: d4bceb74bd4e576524d4cda14b2b15b916031f96e399c75ed5816a342541ac53
Size: 7.74 kB - libblockdev-swap-2.28-14.el9_6.i686.rpm
MD5: c920c66611d855af7ff2ff29443d3529
SHA-256: 8207e46ff68285ad54ddeba649d1a5cb616697358f8ec79972b95d15f32aaae1
Size: 15.55 kB - libblockdev-swap-2.28-14.el9_6.x86_64.rpm
MD5: 2cac26c172fd133891e990ca5bedb6a8
SHA-256: 7b882e6da793769ac1bd851fd94872c72bc39d8e393a7825df91177ecbada268
Size: 15.14 kB - libblockdev-tools-2.28-14.el9_6.x86_64.rpm
MD5: f5fc1190706b16db2151b188072fa47b
SHA-256: 93557a2da28c1f9b10ed270ed653150edbc21e80a92f251e4f94d254e5a00c28
Size: 12.97 kB - libblockdev-utils-2.28-14.el9_6.i686.rpm
MD5: ff329dded3a973fada4ccc96da26879e
SHA-256: 73516c7d3389b60da65bf8fd5652371d3a09783906191dd475337b168d3fc569
Size: 26.14 kB - libblockdev-utils-2.28-14.el9_6.x86_64.rpm
MD5: ccebf0288e3df1ad996872614f987c67
SHA-256: b61203481a99ee463d406a6e81e9e8720f0ee45df58d15085f6b00819f5ca791
Size: 24.68 kB - python3-blockdev-2.28-14.el9_6.x86_64.rpm
MD5: 9f1bf492a31b3f5957d1738496f79c0d
SHA-256: 77fccf0adfbd456a6b6cd8c5b114746e3aad3dd9b2a4577fa72f0cd5c17809b5
Size: 26.19 kB