Analysis

Two distinct sets of Linux vulnerabilities have heightened systemic risk for enterprise and cloud environments. Cybersecurity firm Qualys (QLYS) has disclosed two new vulnerabilities, CVE-2025-6018 and CVE-2025-6019, which can be chained together to grant an unprivileged local attacker full root access. The severity is magnified by the fact that the vulnerable Udisks component is installed by default on nearly all Linux distributions, prompting Qualys to label it a 'critical, universal risk'. This discovery, while underscoring a broad security threat, positively highlights Qualys's research capabilities, as reflected in its positive ticker-specific sentiment score (+0.5). Concurrently, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a separate, older Linux kernel flaw, CVE-2023-0386, to its Known Exploited Vulnerabilities (KEV) catalog, confirming it is being actively exploited in the wild. This vulnerability was previously noted for its potential impact on 40% of Ubuntu cloud workloads, and its inclusion in the KEV catalog signals an immediate and ongoing threat that organizations must address. The combination of a newly discovered, widespread exploit chain and the active exploitation of a known flaw underscores the persistent and evolving attack surface of Linux, a foundational technology for a vast number of corporate servers and cloud infrastructure.