oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

udisks and udisks2: stack-based buffer overflow when handling long path names

From: Huzaifa Sidhpurwala <huzaifas () redhat com>
Date: Mon, 10 Mar 2014 15:46:04 +0530
Hi All,

Florian Weimer of the Red Hat Product Security Team, found a flaw in
the way udisks and udisks2 handled long path names. A malicious, local
user could use this flaw to create a specially-crafted directory
structure that could lead to arbitrary code execution with the
privileges of the udisks daemon (root).

This issue has been assigned CVE-2014-0004.

References:
http://lists.freedesktop.org/archives/devkit-devel/2014-March/001568.html

Patches:
http://cgit.freedesktop.org/udisks/commit/?h=udisks1&id=ebf61ed8471
http://cgit.freedesktop.org/udisks/commit/?id=244967

Red Hat bugzilla:
https://bugzilla.redhat.com/show_bug.cgi?id=1049703



-- 
Huzaifa Sidhpurwala / Red Hat Security Response Team
Previous By Date Next
Previous By Thread Next

Current thread: