Freedesktop » Udisks : Security Vulnerabilities, CVEs,

CVE-2018-17336

UDisks 2.8.0 has a format string vulnerability in udisks_log in udiskslogging.c, allowing attackers to obtain sensitive information (stack contents), cause a denial of service (memory corruption), or possibly have unspecified other impact via a malformed filesystem label, as demonstrated by %d or %n substrings.
Max CVSS
7.8
EPSS Score
0.09%
Published
2018-09-22
Updated
2019-08-06

CVE-2014-0004

Stack-based buffer overflow in udisks before 1.0.5 and 2.x before 2.1.3 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long mount point.
Max CVSS
6.9
EPSS Score
0.04%
Published
2014-03-11
Updated
2023-02-13

CVE-2010-1149

probers/udisks-dm-export.c in udisks before 1.0.1 exports UDISKS_DM_TARGETS_PARAMS information to udev even for a crypt UDISKS_DM_TARGETS_TYPE, which allows local users to discover encryption keys by (1) running a certain udevadm command or (2) reading a certain file under /dev/.udev/db/.
Max CVSS
2.1
EPSS Score
0.04%
Published
2010-04-12
Updated
2010-04-13
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close