rpm package
almalinux/udisks2-iscsi
pkg:rpm/almalinux/udisks2-iscsi
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-26104 | — | < 2.10.90-6.el10_1.1.alma.1 | 2.10.90-6.el10_1.1.alma.1 | Feb 25, 2026 | A flaw was found in the udisks storage management daemon that allows unprivileged users to back up LUKS encryption headers without authorization. The issue occurs because a privileged D-Bus method responsible for exporting encryption metadata does not perform a policy check. As a | ||
| CVE-2026-26103 | — | < 2.10.90-6.el10_1.1.alma.1 | 2.10.90-6.el10_1.1.alma.1 | Feb 25, 2026 | A flaw was found in the udisks storage management daemon that exposes a privileged D-Bus API for restoring LUKS encryption headers without proper authorization checks. The issue allows a local unprivileged user to instruct the root-owned udisks daemon to overwrite encryption meta | ||
| CVE-2025-8067 | Hig | 8.5 | < 2.9.0-16.el8_10.1 | 2.9.0-16.el8_10.1 | Aug 28, 2025 | A flaw was found in the Udisks daemon, where it allows unprivileged users to create loop devices using the D-BUS system. This is achieved via the loop device handler, which handles requests sent through the D-BUS interface. As two of the parameters of this handle, it receives the | |
| CVE-2021-3802 | — | < 2.9.0-9.el8 | 2.9.0-9.el8 | Nov 29, 2021 | A vulnerability found in udisks2. This flaw allows an attacker to input a specially crafted image file/USB leading to kernel panic. The highest threat from this vulnerability is to system availability. |
- CVE-2026-26104Feb 25, 2026affected < 2.10.90-6.el10_1.1.alma.1fixed 2.10.90-6.el10_1.1.alma.1
A flaw was found in the udisks storage management daemon that allows unprivileged users to back up LUKS encryption headers without authorization. The issue occurs because a privileged D-Bus method responsible for exporting encryption metadata does not perform a policy check. As a
- CVE-2026-26103Feb 25, 2026affected < 2.10.90-6.el10_1.1.alma.1fixed 2.10.90-6.el10_1.1.alma.1
A flaw was found in the udisks storage management daemon that exposes a privileged D-Bus API for restoring LUKS encryption headers without proper authorization checks. The issue allows a local unprivileged user to instruct the root-owned udisks daemon to overwrite encryption meta
- affected < 2.9.0-16.el8_10.1fixed 2.9.0-16.el8_10.1
A flaw was found in the Udisks daemon, where it allows unprivileged users to create loop devices using the D-BUS system. This is achieved via the loop device handler, which handles requests sent through the D-BUS interface. As two of the parameters of this handle, it receives the
- CVE-2021-3802Nov 29, 2021affected < 2.9.0-9.el8fixed 2.9.0-9.el8
A vulnerability found in udisks2. This flaw allows an attacker to input a specially crafted image file/USB leading to kernel panic. The highest threat from this vulnerability is to system availability.