Bug 2433717 (CVE-2026-26104) - CVE-2026-26104 udisks: Missing Authorization Check Allows Unprivileged Users to Back Up LUKS Headers via udisks D-Bus API
Keywords:
Status: NEW
Alias: CVE-2026-26104
Deadline: 2026-02-25
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Product Security DevOps Team
QA Contact:
URL:
Whiteboard:
Depends On: 2442587 2442588
Blocks:
 
Reported: 2026-01-28 07:49 UTC by OSIDB Bzimport
Modified: 2026-02-25 10:32 UTC (History)

Fixed In Version:
Clone Of:
Environment:
Last Closed:
Embargoed:



Description OSIDB Bzimport 2026-01-28 07:49:25 UTC
Missing authorization (polkit) vulnerability in the org.freedesktop.UDisks2.Encrypted.HeaderBackup D-Bus method of udisks. The flaw is caused by the absence of a call to udisks_daemon_util_check_authorization_sync() in the handle_header_backup() handler. An unprivileged local user can invoke this system-bus method to cause the root-owned udisks daemon to call bd_crypto_luks_header_backup() and export LUKS headers and keyslot metadata to an arbitrary file path. This allows unauthorized disclosure of sensitive cryptographic material without authentication or user interaction.

