Upstream information

CVE-2014-0004 at MITRE

Description

Stack-based buffer overflow in udisks before 1.0.5 and 2.x before 2.1.3 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long mount point.

SUSE information

CVSS v2 Scores
  National Vulnerability Database
Base Score 6.89
Vector AV:L/AC:M/Au:N/C:C/I:C/A:C
Access Vector Local
Access Complexity Medium
Authentication None
Confidentiality Impact Complete
Integrity Impact Complete
Availability Impact Complete
SUSE Bugzilla entry: 865854 [RESOLVED / FIXED]

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
SUSE Linux Enterprise Desktop 12
  • libudisks2-0 >= 2.1.3-1.14
  • udisks2 >= 2.1.3-1.14
  • udisks2-lang >= 2.1.3-1.14
Patchnames:
SUSE Linux Enterprise Desktop 12 GA libudisks2-0
SUSE Linux Enterprise Desktop 12 SP1
  • libudisks2-0 >= 2.1.3-1.14
  • udisks2 >= 2.1.3-1.14
  • udisks2-lang >= 2.1.3-1.14
Patchnames:
SUSE Linux Enterprise Desktop 12 SP1 GA libudisks2-0
SUSE Linux Enterprise Desktop 12 SP2
  • libudisks2-0 >= 2.1.3-1.14
  • udisks2 >= 2.1.3-1.14
  • udisks2-lang >= 2.1.3-1.14
Patchnames:
SUSE Linux Enterprise Desktop 12 SP2 GA libudisks2-0
SUSE Linux Enterprise Server 12
  • libudisks2-0 >= 2.1.3-1.14
  • udisks2 >= 2.1.3-1.14
  • udisks2-lang >= 2.1.3-1.14
Patchnames:
SUSE Linux Enterprise Server 12 GA libudisks2-0
SUSE Linux Enterprise Server 12 SP1
  • libudisks2-0 >= 2.1.3-1.14
  • udisks2 >= 2.1.3-1.14
  • udisks2-lang >= 2.1.3-1.14
Patchnames:
SUSE Linux Enterprise Server 12 SP1 GA libudisks2-0
SUSE Linux Enterprise Server 12 SP2
  • libudisks2-0 >= 2.1.3-1.14
  • udisks2 >= 2.1.3-1.14
  • udisks2-lang >= 2.1.3-1.14
Patchnames:
SUSE Linux Enterprise Server 12 SP2 GA libudisks2-0
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2
  • libudisks2-0 >= 2.1.3-1.13
  • udisks2 >= 2.1.3-1.13
  • udisks2-lang >= 2.1.3-1.13
Patchnames:
SUSE Linux Enterprise Server for Raspberry Pi 12 SP2 GA libudisks2-0
SUSE Linux Enterprise Software Development Kit 12
  • udisks2-devel >= 2.1.3-1.14
Patchnames:
SUSE Linux Enterprise Software Development Kit 12 GA udisks2-devel
SUSE Linux Enterprise Software Development Kit 12 SP1
  • udisks2-devel >= 2.1.3-1.14
Patchnames:
SUSE Linux Enterprise Software Development Kit 12 SP1 GA udisks2-devel
SUSE Linux Enterprise Software Development Kit 12 SP2
  • udisks2-devel >= 2.1.3-1.14
Patchnames:
SUSE Linux Enterprise Software Development Kit 12 SP2 GA udisks2-devel
openSUSE 12.3
  • libudisks2-0 >= 2.0.0-5.8.1
  • libudisks2-0-debuginfo >= 2.0.0-5.8.1
  • typelib-1_0-UDisks-2_0 >= 2.0.0-5.8.1
  • udisks >= 1.0.4-11.4.1
  • udisks-debuginfo >= 1.0.4-11.4.1
  • udisks-debugsource >= 1.0.4-11.4.1
  • udisks-devel >= 1.0.4-11.4.1
  • udisks2 >= 2.0.0-5.8.1
  • udisks2-debuginfo >= 2.0.0-5.8.1
  • udisks2-debugsource >= 2.0.0-5.8.1
  • udisks2-devel >= 2.0.0-5.8.1
  • udisks2-lang >= 2.0.0-5.8.1
Patchnames:
openSUSE-2014-219
openSUSE-2014-220
openSUSE 13.1
  • libudisks2-0 >= 2.1.1-2.4.1
  • libudisks2-0-debuginfo >= 2.1.1-2.4.1
  • typelib-1_0-UDisks-2_0 >= 2.1.1-2.4.1
  • udisks >= 1.0.4-13.4.1
  • udisks-debuginfo >= 1.0.4-13.4.1
  • udisks-debugsource >= 1.0.4-13.4.1
  • udisks-devel >= 1.0.4-13.4.1
  • udisks2 >= 2.1.1-2.4.1
  • udisks2-debuginfo >= 2.1.1-2.4.1
  • udisks2-debugsource >= 2.1.1-2.4.1
  • udisks2-devel >= 2.1.1-2.4.1
  • udisks2-lang >= 2.1.1-2.4.1
Patchnames:
openSUSE-2014-219
openSUSE-2014-220
openSUSE 13.2
  • libudisks2-0 >= 2.1.3-2.1.5
  • udisks2 >= 2.1.3-2.1.5
Patchnames:
openSUSE 13.2 GA libudisks2-0
openSUSE Evergreen 11.4
  • udisks >= 1.0.2-3.16.1
  • udisks-debuginfo >= 1.0.2-3.16.1
  • udisks-debugsource >= 1.0.2-3.16.1
  • udisks-devel >= 1.0.2-3.16.1
Patchnames:
2014-35
openSUSE Leap 42.1
  • libudisks2-0 >= 2.1.6-3.2
  • udisks2 >= 2.1.6-3.2
  • udisks2-lang >= 2.1.6-3.2
Patchnames:
openSUSE Leap 42.1 GA libudisks2-0
openSUSE Leap 42.2
  • libudisks2-0 >= 2.1.6-4.9
  • udisks2 >= 2.1.6-4.9
  • udisks2-lang >= 2.1.6-4.9
Patchnames:
openSUSE Leap 42.2 GA libudisks2-0
openSUSE Tumbleweed
  • libudisks2-0 >= 2.1.8-1.1
  • typelib-1_0-UDisks-2_0 >= 2.1.8-1.1
  • udisks >= 1.0.5-5.10
  • udisks-devel >= 1.0.5-5.10
  • udisks2 >= 2.1.8-1.1
  • udisks2-devel >= 2.1.8-1.1
  • udisks2-lang >= 2.1.8-1.1
Patchnames:
openSUSE Tumbleweed GA libudisks2-0
openSUSE Tumbleweed GA udisks