CVE-2014-0004

Stack-based buffer overflow in udisks before 1.0.5 and 2.x before 2.1.3 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long mount point.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.9 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:C/I:C/A:C
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 5%
VendorProductVersion
freedesktopudisks
𝑥
≤ 1.0.4
freedesktopudisks
1.0
freedesktopudisks
1.0.1
freedesktopudisks
2.0.0
freedesktopudisks
2.0.1
freedesktopudisks
2.0.90
freedesktopudisks
2.0.91
freedesktopudisks
2.0.92
freedesktopudisks
2.1.0
freedesktopudisks
2.1.1
freedesktopudisks
2.1.2
canonicalubuntu_linux
12.04
canonicalubuntu_linux
12.10
canonicalubuntu_linux
13.10
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
udisks2
bullseye
2.9.2-2+deb11u1
fixed
bookworm
2.9.4-4
fixed
sid
2.10.1-11
fixed
trixie
2.10.1-11
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
udisks
saucy
Fixed 1.0.4-8ubuntu1.1
released
quantal
Fixed 1.0.4-6ubuntu0.1
released
precise
Fixed 1.0.4-5ubuntu2.2
released
lucid
ignored
udisks2
saucy
Fixed 2.1.0-4ubuntu0.1
released
quantal
Fixed 2.0.0-1ubuntu1.1
released
precise
dne
lucid
dne
Common Weakness Enumeration
References
http://lists.freedesktop.org/archives/devkit-devel/2014-March/001568.html
http://lists.opensuse.org/opensuse-updates/2014-03/msg00051.html
http://lists.opensuse.org/opensuse-updates/2014-03/msg00052.html
http://lists.opensuse.org/opensuse-updates/2014-03/msg00053.html
http://rhn.redhat.com/errata/RHSA-2014-0293.html
http://www.debian.org/security/2014/dsa-2872
http://www.securityfocus.com/bid/66081
http://www.ubuntu.com/usn/USN-2142-1
http://lists.freedesktop.org/archives/devkit-devel/2014-March/001568.html
http://lists.opensuse.org/opensuse-updates/2014-03/msg00051.html
http://lists.opensuse.org/opensuse-updates/2014-03/msg00052.html
http://lists.opensuse.org/opensuse-updates/2014-03/msg00053.html
http://rhn.redhat.com/errata/RHSA-2014-0293.html
http://www.debian.org/security/2014/dsa-2872
http://www.securityfocus.com/bid/66081
http://www.ubuntu.com/usn/USN-2142-1