4 results (0.005 seconds)

CVSS: 6.3EPSS: 0%CPEs: 3EXPL: 1

CVE-2021-3802 – udisks2: insecure defaults in user-accessible mount helpers allow for a DoS

https://notcve.org/view.php?id=CVE-2021-3802

29 Nov 2021 — A vulnerability found in udisks2. This flaw allows an attacker to input a specially crafted image file/USB leading to kernel panic. The highest threat from this vulnerability is to system availability. Una vulnerabilidad encontrada en udisks2. Este fallo permite a un atacante introducir un archivo de imagen/USB especialmente diseñado, conllevando a un pánico del kernel. • https://bugzilla.redhat.com/show_bug.cgi?id=2003649 • CWE-20: Improper Input Validation •

CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0

CVE-2010-4661

https://notcve.org/view.php?id=CVE-2010-4661

13 Nov 2019 — udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules. udisks versiones anteriores a la versión 1.0.3, permite a un usuario local cargar módulos arbitrarios del kernel de Linux. • http://lists.opensuse.org/opensuse-security-announce/2011-05/msg00000.html • CWE-434: Unrestricted Upload of File with Dangerous Type •

CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0

CVE-2014-0004 – udisks2: stack-based buffer overflow when handling long path names

https://notcve.org/view.php?id=CVE-2014-0004

10 Mar 2014 — Stack-based buffer overflow in udisks before 1.0.5 and 2.x before 2.1.3 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long mount point. Desbordamiento de buffer basado en pila en udisks anterior a 1.0.5 y 2.x anterior a 2.1.3 permite a usuarios locales causar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario a través de un punto de montaje largo. The udisks package provides a daemon, a D-Bus API, and command line utilities for ma... • http://lists.freedesktop.org/archives/devkit-devel/2014-March/001568.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0

CVE-2010-1149

https://notcve.org/view.php?id=CVE-2010-1149

12 Apr 2010 — probers/udisks-dm-export.c in udisks before 1.0.1 exports UDISKS_DM_TARGETS_PARAMS information to udev even for a crypt UDISKS_DM_TARGETS_TYPE, which allows local users to discover encryption keys by (1) running a certain udevadm command or (2) reading a certain file under /dev/.udev/db/. probers/udisks-dm-export.c en udisks anteriores a v1.0.1 exporta información UDISKS_DM_TARGETS_PARAMS a udev incluso para UDISKS_DM_TARGETS_TYPE cifrados, lo que permite a usuarios locales descubrir las claves de cifrado m... • http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=576687 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •