Lucene search
+L

352 matches found

osv
osv
added 2026/03/05 9:12 a.m.7 views

RLSA-2026:3476 Important: udisks2 security update

The Udisks project provides a daemon, tools, and libraries to access and manipulate disks, storage devices, and technologies. Security Fixes: udisks: Missing Authorization Check Allows Unprivileged Users to Back Up LUKS Headers via udisks D-Bus API CVE-2026-26104 udisks: Missing Authorization Che...

7.1CVSS5.8AI score0.00075EPSS
Exploits0References3
rocky
rocky
added 2026/03/05 9:12 a.m.7 views

udisks2 security update

An update is available for udisks2. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The Udisks project provides a daemon, tools, and libraries to access and...

7.1CVSS6AI score0.00075EPSS
Exploits0
nessus
nessus
added 2026/03/05 12:0 a.m.4 views

Oracle Linux 10 : udisks2 (ELSA-2026-3476)

The remote Oracle Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-3476 advisory. - Add missing polkit check for RestoreEncryptedHeader CVE-2026-26103 RHEL-148565 Tenable has extracted the preceding description block directly from t...

7.1CVSS5.9AI score0.00075EPSS
Exploits0References3
nessus
nessus
added 2026/03/04 12:0 a.m.5 views

Fedora 43 : udisks2 (2026-c6d7c9de1d)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-c6d7c9de1d advisory. Rebase to latest upstream release Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus...

7.1CVSS5.9AI score0.00075EPSS
Exploits0References3
broadcom
broadcom
added 2026/03/03 12:0 a.m.21 views

UDisks Daemon Vulnerable to Local Privilege Escalation via Negative Index in Loop Device Handler

Udisks is vulnerable to out-of-bounds read due to improper validation of the index parameter in the loop device handler. This could allow an attacker to crash the UDisks daemon or perform local privilege escalation by accessing files owned by privileged users...

8.5CVSS5.9AI score0.0065EPSS
Exploits1
redhat
redhat
added 2026/03/02 1:43 a.m.7 views

udisks: Missing Authorization Check Allows Unprivileged Users to Back Up LUKS Headers via udisks D-Bus API

A flaw was found in the udisks storage management daemon that allows unprivileged users to back up LUKS encryption headers without authorization. The issue occurs because a privileged D-Bus method responsible for exporting encryption metadata does not perform a policy check. As a result, sensitiv...

5.5CVSS5.7AI score0.00075EPSS
Exploits0References5
redhat
redhat
added 2026/03/02 1:43 a.m.4 views

udisks: Missing Authorization Check Allows Unprivileged Users to Restore LUKS Headers via udisks D-Bus API

A flaw was found in the udisks storage management daemon that exposes a privileged D-Bus API for restoring LUKS encryption headers without proper authorization checks. The issue allows a local unprivileged user to instruct the root-owned udisks daemon to overwrite encryption metadata on block...

7.1CVSS5.8AI score0.00075EPSS
Exploits0References5
fedora
fedora
added 2026/02/27 12:56 a.m.6 views

[SECURITY] Fedora 43 Update: udisks2-2.11.1-1.fc43

The Udisks project provides a daemon, tools and libraries to access and manipulate disks, storage devices and technologies...

7.1CVSS5.9AI score0.00075EPSS
Exploits0
susecve
susecve
added 2026/02/26 12:25 a.m.6 views

SUSE CVE-2026-26103

A flaw was found in the udisks storage management daemon that exposes a privileged D-Bus API for restoring LUKS encryption headers without proper authorization checks. The issue allows a local unprivileged user to instruct the root-owned udisks daemon to overwrite encryption metadata on block...

7.1CVSS5.7AI score0.00075EPSS
Exploits0References4
susecve
susecve
added 2026/02/26 12:25 a.m.3 views

SUSE CVE-2026-26104

A flaw was found in the udisks storage management daemon that allows unprivileged users to back up LUKS encryption headers without authorization. The issue occurs because a privileged D-Bus method responsible for exporting encryption metadata does not perform a policy check. As a result, sensitiv...

5.5CVSS5.7AI score0.00075EPSS
Exploits0References3
nessus
nessus
added 2026/02/26 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-26103

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the udisks storage management daemon that exposes a privileged D-Bus API for restoring LUKS encryption headers without proper authorization...

7.1CVSS5.9AI score0.00075EPSS
Exploits0References2
euvd
euvd
added 2026/02/25 12:30 p.m.6 views

EUVD-2026-8635

A flaw was found in the udisks storage management daemon that allows unprivileged users to back up LUKS encryption headers without authorization. The issue occurs because a privileged D-Bus method responsible for exporting encryption metadata does not perform a policy check. As a result, sensitiv...

5.5CVSS5.4AI score0.00075EPSS
Exploits0References3
euvd
euvd
added 2026/02/25 12:30 p.m.8 views

EUVD-2026-8634

A flaw was found in the udisks storage management daemon that exposes a privileged D-Bus API for restoring LUKS encryption headers without proper authorization checks. The issue allows a local unprivileged user to instruct the root-owned udisks daemon to overwrite encryption metadata on block...

7.1CVSS5.4AI score0.00075EPSS
Exploits0References3
nvd
nvd
added 2026/02/25 11:16 a.m.19 views

CVE-2026-26104

A flaw was found in the udisks storage management daemon that allows unprivileged users to back up LUKS encryption headers without authorization. The issue occurs because a privileged D-Bus method responsible for exporting encryption metadata does not perform a policy check. As a result, sensitiv...

5.5CVSS0.00075EPSS
Exploits0References5
osv
osv
added 2026/02/25 11:16 a.m.5 views

DEBIAN-CVE-2026-26104

A flaw was found in the udisks storage management daemon that allows unprivileged users to back up LUKS encryption headers without authorization. The issue occurs because a privileged D-Bus method responsible for exporting encryption metadata does not perform a policy check. As a result, sensitiv...

5.5CVSS5.2AI score0.00075EPSS
Exploits0References1
osv
osv
added 2026/02/25 11:16 a.m.6 views

DEBIAN-CVE-2026-26103

A flaw was found in the udisks storage management daemon that exposes a privileged D-Bus API for restoring LUKS encryption headers without proper authorization checks. The issue allows a local unprivileged user to instruct the root-owned udisks daemon to overwrite encryption metadata on block...

7.1CVSS5.2AI score0.00075EPSS
Exploits0References1
nvd
nvd
added 2026/02/25 11:16 a.m.10 views

CVE-2026-26103

A flaw was found in the udisks storage management daemon that exposes a privileged D-Bus API for restoring LUKS encryption headers without proper authorization checks. The issue allows a local unprivileged user to instruct the root-owned udisks daemon to overwrite encryption metadata on block...

7.1CVSS0.00075EPSS
Exploits0References6
ubuntucve
ubuntucve
added 2026/02/25 11:16 a.m.10 views

CVE-2026-26103

A flaw was found in the udisks storage management daemon that exposes a privileged D-Bus API for restoring LUKS encryption headers without proper authorization checks. The issue allows a local unprivileged user to instruct the root-owned udisks daemon to overwrite encryption metadata on block...

7.1CVSS5.8AI score0.00075EPSS
Exploits0References2
ubuntucve
ubuntucve
added 2026/02/25 11:16 a.m.6 views

CVE-2026-26104

A flaw was found in the udisks storage management daemon that allows unprivileged users to back up LUKS encryption headers without authorization. The issue occurs because a privileged D-Bus method responsible for exporting encryption metadata does not perform a policy check. As a result, sensitiv...

5.5CVSS5.8AI score0.00075EPSS
Exploits0References2
cve
cve
added 2026/02/25 10:51 a.m.24 views

CVE-2026-26104

CVE-2026-26104 affects the udisks storage management daemon. A privileged D-Bus method that exports encryption metadata does not perform a policy check, allowing unprivileged users to back up LUKS header data and potentially read or write sensitive cryptographic metadata to attacker-controlled lo...

5.5CVSS5.4AI score0.00075EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder