Impact
A flaw exists in the libblkid library of util-linux, where nested partition probing can cache a raw pointer to a parent partition entry in a temporary array. If the array is reallocated due to additional partitions, the pointer becomes stale and a heap use‑after‑free read occurs. This vulnerability is a CWE‑416 issue. The potential impact includes limited disclosure of data residing in memory and the possibility of a denial of service by causing libblkid to crash. The flaw can be triggered automatically without user interaction whenever a block device is hot‑plugged, as udev/udisks invoke libblkid as root during such events.
Affected Systems
Affected products are various Red Hat offerings, including Red Hat Enterprise Linux 7, 8, 9, 10, Red Hat Hardened Images, and Red Hat OpenShift Container Platform 4. The vulnerable component is the util‑linux libblkid library used by udev/udisks in these distributions.
Risk and Exploitability
The CVSS score of 6.8 indicates a medium‑to‑high severity. The EPSS score is not available, so the likelihood of exploitation cannot be quantified at this time, and the vulnerability is not listed in the CISA KEV catalog. Attackers would need the ability to present a crafted block device image—such as inserting a USB drive or mounting a malicious loop image—to trigger the flaw, which is typically executed with root privileges by automatic system services.
OpenCVE Enrichment