udisks: arbitrary code execution (CVE-2014-0004)
Florian Weimer of the Red Hat Product Security Team found a flaw in
the way udisks and udisks2 handled long path names. A malicious, local
user could use this flaw to create a specially-crafted directory
structure that could lead to arbitrary code execution with the
privileges of the udisks daemon (root). This has been assigned
CVE-2014-0004.
This has been fixed in the udisks 2.1.3 and 1.0.5 releases.
http://lists.freedesktop.org/archives/devkit-devel/2014-March/001568.html
http://udisks.freedesktop.org/releases/udisks-2.1.3.tar.bz2
http://hal.freedesktop.org/releases/udisks-1.0.5.tar.gz
(from redmine: issue id 2756, created on 2014-03-11, closed on 2014-03-14)
- Relations:
- child #2757 (closed)
- child #2758 (closed)
- child #2759 (closed)
- child #2760 (closed)