Date: Mon, 10 Mar 2014 15:46:04 +0530
From: Huzaifa Sidhpurwala <huzaifas@...hat.com>
To: oss-security@...ts.openwall.com
Subject: udisks and udisks2: stack-based buffer overflow when handling long
 path names

Hi All,

Florian Weimer of the Red Hat Product Security Team found a flaw in
the way udisks and udisks2 handled long path names. A malicious, local
user could use this flaw to create a specially-crafted directory
structure that could lead to arbitrary code execution with the
privileges of the udisks daemon (root).

This issue has been assigned CVE-2014-0004.

References:
http://lists.freedesktop.org/archives/devkit-devel/2014-March/001568.html

Patches:
http://cgit.freedesktop.org/udisks/commit/?h=udisks1&id=ebf61ed8471
http://cgit.freedesktop.org/udisks/commit/?id=244967

Red Hat bugzilla:
https://bugzilla.redhat.com/show_bug.cgi?id=1049703



-- 
Huzaifa Sidhpurwala / Red Hat Security Response Team
