5 matches found
CVE-2018-17336
CVE-2018-17336 affects UDisks 2.8.0 where a format-string vulnerability in udisks_log (udiskslogging.c) can leak stack contents, enable a denial of service via memory corruption, or cause other impacts with malformed filesystem labels (demonstrated by %d/%n). Exploitation is local. Public reports...
CVE-2014-0004
CVE-2014-0004 affects the udisks package: a stack-based buffer overflow in mount path parsing can be triggered by long mount points, allowing local users to crash the daemon and potentially execute arbitrary code. Affected versions are udisks before 1.0.5 and udisks2 before 2.1.3; multiple adviso...
CVE-2010-1149
CVE-2010-1149 affects udisks prior to 1.0.1. The issue is in probers/udisks-dm-export.c which exports UDISKS_DM_TARGETS_PARAMS information to udev even for crypt UDISKS_DM_TARGETS_TYPE, allowing local users to discover encryption keys by (1) running a particular udevadm command or (2) reading a f...
CVE-2026-26104
CVE-2026-26104 affects the udisks storage management daemon. A privileged D-Bus method that exports encryption metadata does not perform a policy check, allowing unprivileged users to back up LUKS header data and potentially read or write sensitive cryptographic metadata to attacker-controlled lo...
CVE-2026-26103
The CVE-2026-26103 issue affects the udisks2 daemon (block device management) where a missing authorization check on the RestoreEncryptedHeader() D-Bus API allows a local unprivileged user to instruct the root-owned udisks daemon to overwrite LUKS encryption headers. This can permanently invalida...