VYPR
Vendor

udisks

Products
1
CVEs
6
Across products
6
Status
Private

Products

1

Recent CVEs

6
  • CVE-2025-8067HigAug 28, 2025
    risk 0.55cvss 8.5epss 0.01

    A flaw was found in the Udisks daemon, where it allows unprivileged users to create loop devices using the D-BUS system. This is achieved via the loop device handler, which handles requests sent through the D-BUS interface. As two of the parameters of this handle, it receives…

  • CVE-2010-4661HigNov 13, 2019
    risk 0.51cvss 7.8epss 0.00

    udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules.

  • CVE-2018-17336HigSep 22, 2018
    risk 0.51cvss 7.8epss 0.01

    UDisks 2.8.0 has a format string vulnerability in udisks_log in udiskslogging.c, allowing attackers to obtain sensitive information (stack contents), cause a denial of service (memory corruption), or possibly have unspecified other impact via a malformed filesystem label, as…

  • CVE-2021-3802MedNov 29, 2021
    risk 0.27cvss 4.2epss 0.01

    A vulnerability found in udisks2. This flaw allows an attacker to input a specially crafted image file/USB leading to kernel panic. The highest threat from this vulnerability is to system availability.

  • CVE-2026-26104Feb 25, 2026
    risk 0.00cvss epss 0.00

    A flaw was found in the udisks storage management daemon that allows unprivileged users to back up LUKS encryption headers without authorization. The issue occurs because a privileged D-Bus method responsible for exporting encryption metadata does not perform a policy check. As…

  • CVE-2026-26103Feb 25, 2026
    risk 0.00cvss epss 0.00

    A flaw was found in the udisks storage management daemon that exposes a privileged D-Bus API for restoring LUKS encryption headers without proper authorization checks. The issue allows a local unprivileged user to instruct the root-owned udisks daemon to overwrite encryption…