352 matches found
RLSA-2026:3476 Important: udisks2 security update
The Udisks project provides a daemon, tools, and libraries to access and manipulate disks, storage devices, and technologies. Security Fixes: udisks: Missing Authorization Check Allows Unprivileged Users to Back Up LUKS Headers via udisks D-Bus API CVE-2026-26104 udisks: Missing Authorization Che...
udisks2 security update
An update is available for udisks2. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Udisks project provides a daemon, tools, and libraries to access and...
Oracle Linux 10 : udisks2 (ELSA-2026-3476)
The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-3476 advisory. - Add missing polkit check for RestoreEncryptedHeader CVE-2026-26103 RHEL-148565 Tenable has extracted the preceding description block directly from t...
Fedora 43 : udisks2 (2026-c6d7c9de1d)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-c6d7c9de1d advisory. Rebase to latest upstream release Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...
UDisks Daemon Vulnerable to Local Privilege Escalation via Negative Index in Loop Device Handler
Udisks is vulnerable to out-of-bounds read due to improper validation of the index parameter in the loop device handler. This could allow an attacker to crash the UDisks daemon or perform local privilege escalation by accessing files owned by privileged users...
udisks: Missing Authorization Check Allows Unprivileged Users to Back Up LUKS Headers via udisks D-Bus API
A flaw was found in the udisks storage management daemon that allows unprivileged users to back up LUKS encryption headers without authorization. The issue occurs because a privileged D-Bus method responsible for exporting encryption metadata does not perform a policy check. As a result, sensitiv...
udisks: Missing Authorization Check Allows Unprivileged Users to Restore LUKS Headers via udisks D-Bus API
A flaw was found in the udisks storage management daemon that exposes a privileged D-Bus API for restoring LUKS encryption headers without proper authorization checks. The issue allows a local unprivileged user to instruct the root-owned udisks daemon to overwrite encryption metadata on block...
[SECURITY] Fedora 43 Update: udisks2-2.11.1-1.fc43
The Udisks project provides a daemon, tools and libraries to access and manipulate disks, storage devices and technologies...
SUSE CVE-2026-26103
A flaw was found in the udisks storage management daemon that exposes a privileged D-Bus API for restoring LUKS encryption headers without proper authorization checks. The issue allows a local unprivileged user to instruct the root-owned udisks daemon to overwrite encryption metadata on block...
SUSE CVE-2026-26104
A flaw was found in the udisks storage management daemon that allows unprivileged users to back up LUKS encryption headers without authorization. The issue occurs because a privileged D-Bus method responsible for exporting encryption metadata does not perform a policy check. As a result, sensitiv...
Linux Distros Unpatched Vulnerability : CVE-2026-26103
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the udisks storage management daemon that exposes a privileged D-Bus API for restoring LUKS encryption headers without proper authorization...
EUVD-2026-8635
A flaw was found in the udisks storage management daemon that allows unprivileged users to back up LUKS encryption headers without authorization. The issue occurs because a privileged D-Bus method responsible for exporting encryption metadata does not perform a policy check. As a result, sensitiv...
EUVD-2026-8634
A flaw was found in the udisks storage management daemon that exposes a privileged D-Bus API for restoring LUKS encryption headers without proper authorization checks. The issue allows a local unprivileged user to instruct the root-owned udisks daemon to overwrite encryption metadata on block...
CVE-2026-26104
A flaw was found in the udisks storage management daemon that allows unprivileged users to back up LUKS encryption headers without authorization. The issue occurs because a privileged D-Bus method responsible for exporting encryption metadata does not perform a policy check. As a result, sensitiv...
DEBIAN-CVE-2026-26104
A flaw was found in the udisks storage management daemon that allows unprivileged users to back up LUKS encryption headers without authorization. The issue occurs because a privileged D-Bus method responsible for exporting encryption metadata does not perform a policy check. As a result, sensitiv...
DEBIAN-CVE-2026-26103
A flaw was found in the udisks storage management daemon that exposes a privileged D-Bus API for restoring LUKS encryption headers without proper authorization checks. The issue allows a local unprivileged user to instruct the root-owned udisks daemon to overwrite encryption metadata on block...
CVE-2026-26103
A flaw was found in the udisks storage management daemon that exposes a privileged D-Bus API for restoring LUKS encryption headers without proper authorization checks. The issue allows a local unprivileged user to instruct the root-owned udisks daemon to overwrite encryption metadata on block...
CVE-2026-26103
A flaw was found in the udisks storage management daemon that exposes a privileged D-Bus API for restoring LUKS encryption headers without proper authorization checks. The issue allows a local unprivileged user to instruct the root-owned udisks daemon to overwrite encryption metadata on block...
CVE-2026-26104
A flaw was found in the udisks storage management daemon that allows unprivileged users to back up LUKS encryption headers without authorization. The issue occurs because a privileged D-Bus method responsible for exporting encryption metadata does not perform a policy check. As a result, sensitiv...
CVE-2026-26104
CVE-2026-26104 affects the udisks storage management daemon. A privileged D-Bus method that exports encryption metadata does not perform a policy check, allowing unprivileged users to back up LUKS header data and potentially read or write sensitive cryptographic metadata to attacker-controlled lo...