Designated as CVE-2025-0927, this out-of-bounds write vulnerability in the Linux kernel’s HFS+ filesystem driver affects systems running kernels up to version 6.12.0, with Ubuntu 22.04 with Linux Kernel 6.5.0-18-generic confirmed vulnerable. A severe vulnerability in the Linux kernel has remained undetected for nearly two decades, allowing local users to gain root privileges on affected systems. While mounting filesystems typically requires elevated privileges, modern Linux distributions like Ubuntu come with default polkit rules that allow users with active local sessions to mount filesystems through the udisks2 service. Despite previous fuzzing efforts, this particular vulnerability remained undetected, demonstrating that manual code analysis continues to be essential for identifying certain classes of security flaws. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. This newly discovered vulnerability represents a significant security concern for Linux systems. This vulnerability affects numerous Linux distributions running vulnerable kernel versions. Users and administrators should ensure their systems are updated with the latest security patches to mitigate this threat. According to SSD advisory, the flaw exists in the HFS+ driver, which supports Apple’s legacy file system format that was the primary MacOS X filesystem until replaced by APFS in 2017. Users with active local sessions can exploit it to gain root privileges, potentially compromising the entire system.
This Cyber News was published on cybersecuritynews.com. Publication date: Thu, 20 Mar 2025 07:35:04 +0000