CVSS: 6.3EPSS: 0%CPEs: 3EXPL: 1CVE-2021-3802 – udisks2: insecure defaults in user-accessible mount helpers allow for a DoS
https://notcve.org/view.php?id=CVE-2021-3802
A vulnerability found in udisks2. This flaw allows an attacker to input a specially crafted image file/USB leading to kernel panic. The highest threat from this vulnerability is to system availability. Una vulnerabilidad encontrada en udisks2. Este fallo permite a un atacante introducir un archivo de imagen/USB especialmente diseñado, conllevando a un pánico del kernel. • https://bugzilla.redhat.com/show_bug.cgi?id=2003649 https://lists.debian.org/debian-lts-announce/2023/04/msg00009.html https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-045.txt https://access.redhat.com/security/cve/CVE-2021-3802 • CWE-20: Improper Input Validation •
CVSS: 6.9EPSS: 0%CPEs: 14EXPL: 0CVE-2014-0004 – udisks2: stack-based buffer overflow when handling long path names
https://notcve.org/view.php?id=CVE-2014-0004
Stack-based buffer overflow in udisks before 1.0.5 and 2.x before 2.1.3 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long mount point. Desbordamiento de buffer basado en pila en udisks anterior a 1.0.5 y 2.x anterior a 2.1.3 permite a usuarios locales causar una denegación de servicio (caída) y posiblemente ejecutar código arbitrario a través de un punto de montaje largo. • http://lists.freedesktop.org/archives/devkit-devel/2014-March/001568.html http://lists.opensuse.org/opensuse-updates/2014-03/msg00051.html http://lists.opensuse.org/opensuse-updates/2014-03/msg00052.html http://lists.opensuse.org/opensuse-updates/2014-03/msg00053.html http://rhn.redhat.com/errata/RHSA-2014-0293.html http://www.debian.org/security/2014/dsa-2872 http://www.securityfocus.com/bid/66081 http://www.ubuntu.com/usn/USN-2142-1 https://access.redhat.com/security/cve& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121: Stack-based Buffer Overflow •