Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2014-0004

Overview

Vulnerability Score 6.9 6.9
CVE Id CVE-2014-0004
Last Modified 26 Mar 2014 12:55:44
Published 11 Mar 2014 03:37:03
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2014-0004

Summary

Stack-based buffer overflow in udisks before 1.0.5 and 2.x before 2.1.3 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long mount point.

Vulnerable Systems

Operating System

  • Canonical Ubuntu Linux 12.04

  • Canonical Ubuntu Linux 12.10

  • Canonical Ubuntu Linux 13.10

Application

  • Freedesktop Udisks 1.0

  • Freedesktop Udisks 1.0.1

  • Freedesktop Udisks 1.0.4

  • Freedesktop Udisks 2.0.0

  • Freedesktop Udisks 2.0.1

  • Freedesktop Udisks 2.0.90

  • Freedesktop Udisks 2.0.91

  • Freedesktop Udisks 2.0.92

  • Freedesktop Udisks 2.1.0

  • Freedesktop Udisks 2.1.1

  • Freedesktop Udisks 2.1.2


References

UBUNTU - USN-2142-1

MLIST - [devkit-devel] 20140310 udisks 2.1.3 / 1.0.5 security updates

DEBIAN - DSA-2872

REDHAT - RHSA-2014:0293

SUSE - openSUSE-SU-2014:0390

SUSE - openSUSE-SU-2014:0389

SUSE - openSUSE-SU-2014:0388


Last Updated: 27 May 2016 11:04:46