oss-sec mailing list archives
udisks and udisks2: stack-based buffer overflow when handling long path names
From: Huzaifa Sidhpurwala <huzaifas () redhat com>
Date: Mon, 10 Mar 2014 15:46:04 +0530
Hi All, Florian Weimer of the Red Hat Product Security Team, found a flaw in the way udisks and udisks2 handled long path names. A malicious, local user could use this flaw to create a specially-crafted directory structure that could lead to arbitrary code execution with the privileges of the udisks daemon (root). This issue has been assigned CVE-2014-0004. References: http://lists.freedesktop.org/archives/devkit-devel/2014-March/001568.html Patches: http://cgit.freedesktop.org/udisks/commit/?h=udisks1&id=ebf61ed8471 http://cgit.freedesktop.org/udisks/commit/?id=244967 Red Hat bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1049703 -- Huzaifa Sidhpurwala / Red Hat Security Response Team
Current thread:
- udisks and udisks2: stack-based buffer overflow when handling long path names Huzaifa Sidhpurwala (Mar 10)