udisks and udisks2 provide a daemon, D-Bus API, and command line tools for managing disks and storage devices. A flaw was found in the way udisks and udisks2 handled long path names. A malicious, local user could use this flaw to create a specially-crafted directory structure that could lead to arbitrary code execution with the privileges of the udisks daemon (root).
Acknowledgements: This issue was discovered by Florian Weimer of the Red Hat Product Security Team.
Created attachment 867616
Patch from davidz
I've tested this, it does seem to fix the issue.
Public via: http://lists.freedesktop.org/archives/devkit-devel/2014-March/001568.html
udisks patch: http://cgit.freedesktop.org/udisks/commit/?h=udisks1&id=ebf61ed8471
udisks2 patch: http://cgit.freedesktop.org/udisks/commit/?id=244967
Created udisks2 tracking bugs for this issue: Affects: fedora-all [bug 1074459]
Created udisks tracking bugs for this issue: Affects: fedora-all [bug 1074458]
You should, now
This issue has been addressed in the following products:
Red Hat Enterprise Linux 6
Via RHSA-2014:0293 https://rhn.redhat.com/errata/RHSA-2014-0293.html
udisks2-2.1.2-2.fc20 has been pushed to the Fedora 20 stable repository. If problems still persist, please make note of it in this bug report.
udisks2-2.1.2-2.fc19 has been pushed to the Fedora 19 stable repository. If problems still persist, please make note of it in this bug report.