Two newly discovered Local Privilege Escalation (LPE) vulnerabilities, CVE-2025-6018 and CVE-2025-6019, allow attackers to gain full root control on several Linux distributions. CVE-2025-6018 enables attackers to manipulate environment variables during login, while CVE-2025-6019 allows attackers to gain root access by abusing how XFS file systems are resized. System administrators should apply vendor patches immediately and take additional security measures to reduce exposure.
Edward Kiledjian
@ekiledjian