Udisks

Submit a proposal Propose CVE/GCVE/GHSA reference

Approved changes feed: RSS · Atom

cpe:2.3:a:freedesktop:udisks:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorFreedesktop (2c544e5d-e68e-5b35-a616-dc08f0ba697e)
ProductUdisks (272b9133-95ca-52b0-93a8-badb7e71755f)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from purl2cpe mapping

PURL mappings

PURLSourceLast updated
pkg:deb/debian/udisks2 purl2cpe 2026-06-01 10:14:04.217757
pkg:deb/ubuntu/udisks2 purl2cpe 2026-06-01 10:14:04.217760
pkg:github/storaged-project/udisks purl2cpe 2026-06-01 10:14:04.217763
pkg:gitlab/redhat/udisks2 purl2cpe 2026-06-01 10:14:04.217765
pkg:rpm/centos/udisks2 purl2cpe 2026-06-01 10:14:04.217768
pkg:rpm/fedora/udisks2 purl2cpe 2026-06-01 10:14:04.217771
pkg:rpm/opensuse/udisks2 purl2cpe 2026-06-01 10:14:04.217773

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2014-0004 vulnerable 2026-06-03 14:33:35.963192 Details available
Stack-based buffer overflow in udisks before 1.0.5 and 2.x before 2.1.3 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long mount point.
Published: 2014-03-11T15:00:00.000Z
Updated: 2024-08-06T08:58:26.565Z
Reference links
Imported from gcve-enriched-dumps CVE data
CVE:CVE-2010-1149 vulnerable 2026-06-03 14:30:12.655669 Details available
probers/udisks-dm-export.c in udisks before 1.0.1 exports UDISKS_DM_TARGETS_PARAMS information to udev even for a crypt UDISKS_DM_TARGETS_TYPE, which allows local users to discover encryption keys by (1) running a certain udevadm command or (2) reading a certain file under /dev/.udev/db/.
Published: 2010-04-12T18:00:00.000Z
Updated: 2024-08-07T01:14:06.397Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.