Your submission was sent successfully! Close

CVE-2014-0004

Published: 10 March 2014

Stack-based buffer overflow in udisks before 1.0.5 and 2.x before 2.1.3 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long mount point.

Priority

Medium

Status

Package Release Status
udisks
Launchpad, Ubuntu, Debian
lucid Ignored
(reached end-of-life)
precise
Released (1.0.4-5ubuntu2.2)
quantal
Released (1.0.4-6ubuntu0.1)
saucy
Released (1.0.4-8ubuntu1.1)
upstream Needs triage

This vulnerability is mitigated in part by the use of gcc's stack protector in Ubuntu.
udisks2
Launchpad, Ubuntu, Debian
lucid Does not exist

precise Does not exist

quantal
Released (2.0.0-1ubuntu1.1)
saucy
Released (2.1.0-4ubuntu0.1)
upstream Needs triage

This vulnerability is mitigated in part by the use of gcc's stack protector in Ubuntu.