Novell Home

CVE-2014-0004

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2014-0004 at MITRE

Description

Stack-based buffer overflow in udisks before 1.0.5 and 2.x before 2.1.3 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long mount point.

NVD CVSS v2 Base Score: 6.9 (AV:L/AC:M/Au:N/C:C/I:C/A:C)

SUSE information

SUSE Bugzilla entry: 865854

SUSE Security Advisories:

List of released packages

Product(s) Fixed package version(s) References
openSUSE 12.3
  • libudisks2-0 >= 2.0.0-5.8.1
  • libudisks2-0-debuginfo >= 2.0.0-5.8.1
  • typelib-1_0-UDisks-2_0 >= 2.0.0-5.8.1
  • udisks >= 1.0.4-11.4.1
  • udisks-debuginfo >= 1.0.4-11.4.1
  • udisks-debugsource >= 1.0.4-11.4.1
  • udisks-devel >= 1.0.4-11.4.1
  • udisks2 >= 2.0.0-5.8.1
  • udisks2-debuginfo >= 2.0.0-5.8.1
  • udisks2-debugsource >= 2.0.0-5.8.1
  • udisks2-devel >= 2.0.0-5.8.1
  • udisks2-lang >= 2.0.0-5.8.1
Patchnames:
openSUSE-2014-219
openSUSE-2014-220
openSUSE 13.1
  • libudisks2-0 >= 2.1.1-2.4.1
  • libudisks2-0-debuginfo >= 2.1.1-2.4.1
  • typelib-1_0-UDisks-2_0 >= 2.1.1-2.4.1
  • udisks >= 1.0.4-13.4.1
  • udisks-debuginfo >= 1.0.4-13.4.1
  • udisks-debugsource >= 1.0.4-13.4.1
  • udisks-devel >= 1.0.4-13.4.1
  • udisks2 >= 2.1.1-2.4.1
  • udisks2-debuginfo >= 2.1.1-2.4.1
  • udisks2-debugsource >= 2.1.1-2.4.1
  • udisks2-devel >= 2.1.1-2.4.1
  • udisks2-lang >= 2.1.1-2.4.1
Patchnames:
openSUSE-2014-219
openSUSE-2014-220
openSUSE Evergreen 11.4
  • udisks >= 1.0.2-3.16.1
  • udisks-debuginfo >= 1.0.2-3.16.1
  • udisks-debugsource >= 1.0.2-3.16.1
  • udisks-devel >= 1.0.2-3.16.1
Patchnames:
2014-35

© 2015 Novell