CVE-2014-0004 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Udisks
Severity
6.9MEDIUMNVD
EPSS
0.1%
top 82.25%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedMar 11
Latest updateMay 17
Description
Stack-based buffer overflow in udisks before 1.0.5 and 2.x before 2.1.3 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long mount point.
CVSS vector
AV:L/AC:M/C:C/I:C/A:CExploitability: 3.4 | Impact: 10.0
Affected Packages1 packages
Also affects: Ubuntu Linux 12.04, 12.10, 13.10
Patches
🔴Vulnerability Details
3📋Vendor Advisories
3💬Community
5Bugzilla▶
CVE-2014-8092 xorg-x11-server: integer overflow in X11 core protocol requests when calculating memory needs for requests↗2014-11-27
Bugzilla▶
CVE-2014-0004 udisks and udisks2: stack-based buffer overflow when handling long path names [fedora-all]↗2014-03-10
Bugzilla▶
CVE-2014-0004 udisks: udisks and udisks2: stack-based buffer overflow when handling long path names [fedora-all]↗2014-03-10
Bugzilla▶
CVE-2014-0004 udisks and udisks2: stack-based buffer overflow when handling long path names↗2014-01-08