52
New Linux Flaws Enable Full Root Access via PAM and Udisks Across Major Distributions
(thehackernews.com)
this post was submitted on 19 Jun 2025
52 points (94.8% liked)
Linux
8467 readers
663 users here now
A community for everything relating to the GNU/Linux operating system (except the memes!)
Also, check out:
Original icon base courtesy of lewing@isc.tamu.edu and The GIMP
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Would implementing something like this prevent this problem?
https://discussion.fedoraproject.org/t/securing-fedora-with-fido2-utrust-full-disk-luks-gui-login-and-sudo-authentication/154136
That is a setup guide for hardware key and passkey auth. It is not a hardening guide, and does nothing to mitigate these LPE vulns.
Thank you. That's what I wanted to know.
This is said in the article:
Yeah... Can you tell me where to change this? This article is not very clear, who, where or what... I'm running headless Debian 12 and can't even find any variable related to
org.freedesktop.udisks2.modify-deviceor any polkit rule in/etc/polkit-1/rules.d/....and not even a PolicyKit package installed on my system (polkit?)...The only thing that comes close is
/usr/share/polkit-1/...Edit:
I guess this is a wrong assumption:
udisks2 is not even installed by default on my debian 12 system.