CVE-2014-0004

Publication date 10 March 2014

Last updated 24 July 2024

Ubuntu priority

Stack-based buffer overflow in udisks before 1.0.5 and 2.x before 2.1.3 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long mount point.

Status

Show unmaintained releases

No maintained releases are affected by this CVE.

Package	Ubuntu Release	Status
udisks	13.10 saucy	Fixed 1.0.4-8ubuntu1.1
	12.10 quantal	Fixed 1.0.4-6ubuntu0.1
	12.04 LTS precise	Fixed 1.0.4-5ubuntu2.2
	10.04 LTS lucid	Ignored end of life
udisks2	13.10 saucy	Fixed 2.1.0-4ubuntu0.1
	12.10 quantal	Fixed 2.0.0-1ubuntu1.1
	12.04 LTS precise	Not in release
	10.04 LTS lucid	Not in release

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-2142-1
UDisks vulnerability
10 March 2014

Other references

https://www.cve.org/CVERecord?id=CVE-2014-0004