VYPR

rpm package

opensuse/udisks2&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/udisks2&distro=openSUSE%20Tumbleweed

Vulnerabilities (5)

  • CVE-2026-26104Feb 25, 2026
    affected < 2.11.0-2.1fixed 2.11.0-2.1

    A flaw was found in the udisks storage management daemon that allows unprivileged users to back up LUKS encryption headers without authorization. The issue occurs because a privileged D-Bus method responsible for exporting encryption metadata does not perform a policy check. As a

  • CVE-2026-26103Feb 25, 2026
    affected < 2.11.0-2.1fixed 2.11.0-2.1

    A flaw was found in the udisks storage management daemon that exposes a privileged D-Bus API for restoring LUKS encryption headers without proper authorization checks. The issue allows a local unprivileged user to instruct the root-owned udisks daemon to overwrite encryption meta

  • CVE-2025-8067HigAug 28, 2025
    affected < 2.10.1-4.1fixed 2.10.1-4.1

    A flaw was found in the Udisks daemon, where it allows unprivileged users to create loop devices using the D-BUS system. This is achieved via the loop device handler, which handles requests sent through the D-BUS interface. As two of the parameters of this handle, it receives the

  • CVE-2018-17336HigSep 22, 2018
    affected < 2.9.2-1.6fixed 2.9.2-1.6

    UDisks 2.8.0 has a format string vulnerability in udisks_log in udiskslogging.c, allowing attackers to obtain sensitive information (stack contents), cause a denial of service (memory corruption), or possibly have unspecified other impact via a malformed filesystem label, as demo

  • CVE-2014-0004Mar 11, 2014
    affected < 2.1.8-1.1fixed 2.1.8-1.1

    Stack-based buffer overflow in udisks before 1.0.5 and 2.x before 2.1.3 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long mount point.