CVE-2010-4661Unrestricted File Upload in Project Udisks

CWE-434Unrestricted File Upload5 documents4 sources
Severity
7.8HIGHNVD
EPSS
0.2%
top 64.11%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Udisks Project UdisksUdisksDebian Linux+2 more
Timeline
PublishedNov 13
Latest updateApr 21

Description

udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages3 packages

CVEListV5udisks/udisksbefore 1.0.3
NVDopensuse/opensuse11.3, 11.4+1

Also affects: Debian Linux 8.0, Enterprise Linux 6.0

🔴Vulnerability Details

1
GHSA
GHSA-gfww-4j67-hpj2: udisks before 12022-04-21

📋Vendor Advisories

1
Red Hat
udisks: arbitrary Linux kernel loading flaw2010-12-08

💬Community

2
Bugzilla
CVE-2010-4661 udisks: arbitrary Linux kernel loading flaw [fedora-all]2011-02-23
Bugzilla
CVE-2010-4661 udisks: arbitrary Linux kernel loading flaw2010-12-17
CVE-2010-4661 — Unrestricted File Upload | cvebase