CVE-2025-8067

A flaw was found in the Udisks daemon, where it allows unprivileged users to create loop devices using the D-BUS system. This is achieved via the loop device handler, which handles requests sent through the D-BUS interface. As two of the parameters of this handle, it receives the file descriptor list and index specifying the file where the loop device should be backed. The function itself validates the index value to ensure it isn't bigger than the maximum value allowed. However, it fails to validate the lower bound, allowing the index parameter to be a negative value. Under these circumstances, an attacker can cause the UDisks daemon to crash or perform a local privilege escalation by gaining access to files owned by privileged users.

CVSS v3 8.5 HIGH

8.5^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 2.5 / Impact : 5.3

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact HIGH

Scope CHANGED

References

Link	Resource
https://access.redhat.com/errata/RHSA-2025:15017
https://access.redhat.com/errata/RHSA-2025:15018
https://access.redhat.com/errata/RHSA-2025:15020
https://access.redhat.com/security/cve/CVE-2025-8067
https://bugzilla.redhat.com/show_bug.cgi?id=2388623

Configurations

No configuration.

History

02 Sep 2025, 09:15

Type	Values Removed	Values Added
References		() https://access.redhat.com/errata/RHSA-2025:15017 - () https://access.redhat.com/errata/RHSA-2025:15018 - () https://access.redhat.com/errata/RHSA-2025:15020 -

28 Aug 2025, 15:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-08-28 15:16

Updated : 2025-09-02 09:15

NVD link : CVE-2025-8067

Mitre link : CVE-2025-8067

CVE.ORG link : CVE-2025-8067

JSON object : View

Products Affected

No product.

CWE

CWE-125

Out-of-bounds Read

8.5 /10