Bug 2003649 (CVE-2021-3802) - CVE-2021-3802 udisks2: insecure defaults in user-accessible mount helpers allow for a DoS
Summary: CVE-2021-3802 udisks2: insecure defaults in user-accessible mount helpers all...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2021-3802
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 2003650 2004422 2004423
Blocks: 2003653 2017003
TreeView+ depends on / blocked
 
Reported: 2021-09-13 11:48 UTC by Marian Rehak
Modified: 2022-05-17 09:53 UTC (History)
4 users (show)

Fixed In Version: udisks-2.9.4
Doc Type: If docs needed, set a value
Doc Text:
A vulnerability found in udisks2. This flaw allows an attacker to input a specially crafted image file/USB leading to kernel panic. The highest threat from this vulnerability is to system availability.
Clone Of:
Environment:
Last Closed: 2022-05-11 04:15:29 UTC


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2022:1820 0 None None None 2022-05-10 13:39:18 UTC

Description Marian Rehak 2021-09-13 11:48:56 UTC
Several user-accessible mount helpers use insecure defaults which allow ext2/3/4 file systems to cause a denial of service (kernel panic) upon mounting a crafted image.  This is especially relevant when mounts can be caused by unprivileged users or are configured to happen automatically and completely unauthorized.

External Reference:

https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2021-045.txt

Comment 1 Marian Rehak 2021-09-13 11:49:16 UTC
Created udisks2 tracking bugs for this issue:

Affects: fedora-all [bug 2003650]

Comment 7 Marian Rehak 2021-09-15 09:28:56 UTC
Copyright license of original report:
https://creativecommons.org/licenses/by/3.0/deed.en

Comment 9 Tomáš Bžatek 2021-10-04 12:16:38 UTC
Fix available upstream as part of the udisks-2.9.4 release: https://github.com/storaged-project/udisks/releases/tag/udisks-2.9.4

Comment 10 errata-xmlrpc 2022-05-10 13:39:15 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 8

Via RHSA-2022:1820 https://access.redhat.com/errata/RHSA-2022:1820

Comment 11 Product Security DevOps Team 2022-05-11 04:15:27 UTC
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):

https://access.redhat.com/security/cve/cve-2021-3802


Note You need to log in before you can comment on or make changes to this bug.