CVE-2025-8067
BaseFortify
Publication date: 2025-08-28
Last updated on: 2025-11-04
Assigner: Red Hat, Inc.
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| redhat | udisks2 | 2.9.2-2+deb11u3 |
| redhat | udisks2 | * |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-125 | The product reads data past the end, or before the beginning, of the intended buffer. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an out-of-bounds read flaw in the UDisks daemon on Linux systems. It allows unprivileged users to create loop devices via the D-BUS interface by providing a negative index value, which the daemon fails to properly validate. This can cause the daemon to crash or allow attackers to escalate their privileges locally by accessing files owned by privileged users. [1]
How can this vulnerability impact me?
Exploiting this vulnerability can cause the UDisks daemon to crash, disrupting system operations. More critically, it can enable a local attacker to escalate their privileges by gaining access to files owned by privileged users, potentially compromising system security and sensitive data. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves monitoring the UDisks daemon for crashes or abnormal behavior, as exploitation can cause the daemon to crash. Additionally, checking for unexpected loop devices created by unprivileged users via the D-BUS interface may indicate exploitation attempts. Specific commands to detect this include:
1. Checking UDisks daemon status and logs: `systemctl status udisks2` and `journalctl -u udisks2` for crash reports or errors.
2. Listing loop devices: `losetup -a` to identify any unusual loop devices.
3. Monitoring D-BUS activity related to UDisks may require advanced logging or auditing tools.
However, no explicit detection commands are provided in the resources. [1]
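The two heuristics above (udisksd crash entries in the journal, loop devices backed by files a non-root user owns), as an added triage script that is not part of this record or of the udisks project. The journal lines, the `losetup -J` output and the ownership map are constructed sample data; `journalctl -u udisks2` and `losetup -J` are real commands, while the function names and the crash pattern are assumptions for illustration.

```python
import json
import re

# Constructed sample resembling `journalctl -u udisks2` output (not real host data).
SAMPLE_JOURNAL = """\
Aug 28 10:01:02 host udisksd[812]: udisks daemon version 2.9.2 starting
Aug 28 10:05:44 host udisksd[812]: Error creating loop device: Invalid argument
Aug 28 10:05:45 host systemd[1]: udisks2.service: Main process exited, code=killed, status=11/SEGV
Aug 28 10:05:45 host systemd[1]: udisks2.service: Failed with result 'signal'.
Aug 28 10:05:46 host systemd[1]: udisks2.service: Scheduled restart job, restart counter is at 1.
"""
# Constructed `losetup -J` output plus a stand-in for os.stat() ownership of backing files.
SAMPLE_LOSETUP = json.dumps({"loopdevices": [
    {"name": "/dev/loop0", "back-file": "/var/lib/snapd/snaps/core_1.snap"},
    {"name": "/dev/loop1", "back-file": "/home/alice/disk.img"},
]})
SAMPLE_OWNERS = {"/var/lib/snapd/snaps/core_1.snap": 0, "/home/alice/disk.img": 1000}

# systemd logs a signal-killed unit as status=N/SIGNAME and result 'signal' or 'core-dump'.
CRASH_RE = re.compile(r"udisks2\.service: .*(status=\d+/[A-Z]+|Failed with result '(signal|core-dump)')")


def find_crashes(journal_text):
    """Return journal lines showing udisksd died from a signal (a possible OOB-read crash)."""
    return [ln for ln in journal_text.splitlines() if CRASH_RE.search(ln)]


def find_user_loops(losetup_json, owner_uid_of):
    """Return (device, backing file, uid) for loop devices whose backing file is not root-owned."""
    hits = []
    for dev in json.loads(losetup_json).get("loopdevices", []):
        path = dev.get("back-file") or ""
        uid = owner_uid_of(path)          # None when the file cannot be resolved
        if uid is not None and uid != 0:
            hits.append((dev["name"], path, uid))
    return hits


def triage(journal_text, losetup_json, owner_uid_of):
    """Combine both heuristics; 'suspicious' is True when either one fires."""
    crashes = find_crashes(journal_text)
    loops = find_user_loops(losetup_json, owner_uid_of)
    return {"crashes": crashes, "user_loops": loops, "suspicious": bool(crashes or loops)}


if __name__ == "__main__":
    # On a real host, feed it `journalctl -u udisks2 --no-pager`, `losetup -J` and os.stat(...).st_uid.
    print(json.dumps(triage(SAMPLE_JOURNAL, SAMPLE_LOSETUP, SAMPLE_OWNERS.get), indent=2))
```

A non-root-owned backing file is only a lead, not proof: legitimate tools mount user images too, so correlate the hit with the journal timeline before escalating.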
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include updating the UDisks daemon to a patched version provided by your Linux distribution vendor once available. Until a patch is applied, restrict unprivileged user access to the D-BUS interface used by UDisks to prevent exploitation. Monitoring and limiting the creation of loop devices by unprivileged users can also reduce risk. Since the vulnerability allows local privilege escalation, ensure that only trusted users have local access to the system. Specific mitigation commands or patches are not detailed in the provided resources. [1]