Red Hat Bugzilla – Bug 1049703
CVE-2014-0004 udisks and udisks2: stack-based buffer overflow when handling long path names
Last modified: 2015-11-24 10:44:59 EST
udisks and udisks2 provide a daemon, D-Bus API, and command line tools for managing disks and storage devices. A flaw was found in the way udisks and udisks2 handled long path names. A malicious, local user could use this flaw to create a specially crafted directory structure that could lead to arbitrary code execution with the privileges of the udisks daemon (root).
This issue was discovered by Florian Weimer of the Red Hat Product Security Team.
Created attachment 867616
Patch from davidz
I've tested this, it does seem to fix the issue.
Created udisks2 tracking bugs for this issue:
Affects: fedora-all [bug 1074459]
Created udisks tracking bugs for this issue:
Affects: fedora-all [bug 1074458]
You should, now
This issue has been addressed in the following products:
Red Hat Enterprise Linux 6
Via RHSA-2014:0293 https://rhn.redhat.com/errata/RHSA-2014-0293.html
udisks2-2.1.2-2.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
udisks2-2.1.2-2.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.