Security researchers from SecureLayer7 published the technical details and a proof-of-concept exploit for a security vulnerability, CVE-2025-6019, affecting Linux distributions that rely on the udisksd daemon and libblockdev backend, including Fedora and SUSE. The flaw allows local privilege escalation (LPE) to root for users in the allow_active group, and it’s disturbingly easy to exploit in misconfigured environments.