==========================================================================
Ubuntu Security Notice USN-7578-1
June 18, 2025

udisks2 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 25.04
- Ubuntu 24.10
- Ubuntu 24.04 LTS
- Ubuntu 22.04 LTS

Summary:

UDisks could be made to run programs as an administrator.

Software Description:
- udisks2: service to access and manipulate storage devices

Details:

It was discovered that UDisks incorrectly handled mount options when
resizing certain filesystems. A local attacker with an active session on
the console can use this issue to escalate their privileges to root.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 25.04
  libudisks2-0                    2.10.1-11ubuntu2.2
  udisks2                         2.10.1-11ubuntu2.2

Ubuntu 24.10
  libudisks2-0                    2.10.1-9ubuntu3.2
  udisks2                         2.10.1-9ubuntu3.2

Ubuntu 24.04 LTS
  libudisks2-0                    2.10.1-6ubuntu1.2
  udisks2                         2.10.1-6ubuntu1.2

Ubuntu 22.04 LTS
  libudisks2-0                    2.9.4-1ubuntu2.2
  udisks2                         2.9.4-1ubuntu2.2

After a standard system update you need to reboot your computer to make all
the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-7578-1
  CVE-2025-6019

Package Information:
  https://launchpad.net/ubuntu/+source/udisks2/2.10.1-11ubuntu2.2
  https://launchpad.net/ubuntu/+source/udisks2/2.10.1-9ubuntu3.2
  https://launchpad.net/ubuntu/+source/udisks2/2.10.1-6ubuntu1.2
  https://launchpad.net/ubuntu/+source/udisks2/2.9.4-1ubuntu2.2