ALAS2-2019-1377 --- udisks2, libudisks2ID: oval:org.secpod.oval:def:1700288 | Date: (C)2019-12-23 (M)2023-06-16 |
Class: PATCH | Family: unix |
UDisks 2.8.0 has a format string vulnerability in udisks_log in udiskslogging.c, allowing attackers to obtain sensitive information , cause a denial of service , or possibly have unspecified other impact via a malformed filesystem label, as demonstrated by %d or %n substrings.An uncontrolled format string vulnerability has been discovered in udisks when it mounts a filesystem with a malformed label. A local attacker may use this flaw to leak memory, make the udisks service crash, or cause other unspecified effects.
Product: |
udisks2 |
libudisks2 |