CVE-2014-0004

Published Mar 11, 2014

Last updated 3 months ago

CVSS info 6.9

Overview

Description: Stack-based buffer overflow in udisks before 1.0.5 and 2.x before 2.1.3 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long mount point.
Source: secalert@redhat.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 6.9
Impact score: 10
Exploitability score: 3.4
Vector string: AV:L/AC:M/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-119

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:freedesktop:udisks:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "EC6ED9AD-975D-4D2C-98E7-0DBD5E3461A6",
            "versionEndIncluding": "1.0.4"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:udisks:1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "88775AE9-D0DF-486C-A65C-5A7D36596F3E"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:udisks:1.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C070AD50-CAAF-4581-8330-994ECB2416C6"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:udisks:2.0.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D31F1F1D-2E26-4D8E-A8C0-5395F302C444"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:udisks:2.0.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0405A969-DCAB-436B-963E-21B6A062E007"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:udisks:2.0.90:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C600D95D-444B-4DA0-9E47-70BF9E9B69C2"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:udisks:2.0.91:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1C8611A0-535A-4FE8-83EE-945935B92054"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:udisks:2.0.92:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BD230273-86C7-492E-AC24-E2270D89BC15"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:udisks:2.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "619EF427-D2F1-422D-98C7-A1D30B909895"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:udisks:2.1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1EEA4C23-DECC-4E0D-A313-D65F84F309A7"
          },
          {
            "criteria": "cpe:2.3:a:freedesktop:udisks:2.1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2F5A5AFF-1B7D-4C1F-A958-51CB2B5CB8CC"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:-:lts:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F5D324C4-97C7-49D3-A809-9EAD4B690C69"
          },
          {
            "criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE"
          },
          {
            "criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References