udisks
Products
1- 6 CVEs
Recent CVEs
6| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-8067 | Hig | 0.55 | 8.5 | 0.01 | Aug 28, 2025 | A flaw was found in the Udisks daemon, where it allows unprivileged users to create loop devices using the D-BUS system. This is achieved via the loop device handler, which handles requests sent through the D-BUS interface. As two of the parameters of this handle, it receives… | ||
| CVE-2010-4661 | Hig | 0.51 | 7.8 | 0.00 | Nov 13, 2019 | udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules. | ||
| CVE-2018-17336 | Hig | 0.51 | 7.8 | 0.01 | Sep 22, 2018 | UDisks 2.8.0 has a format string vulnerability in udisks_log in udiskslogging.c, allowing attackers to obtain sensitive information (stack contents), cause a denial of service (memory corruption), or possibly have unspecified other impact via a malformed filesystem label, as… | ||
| CVE-2021-3802 | Med | 0.27 | 4.2 | 0.01 | Nov 29, 2021 | A vulnerability found in udisks2. This flaw allows an attacker to input a specially crafted image file/USB leading to kernel panic. The highest threat from this vulnerability is to system availability. | ||
| CVE-2026-26104 | 0.00 | — | 0.00 | Feb 25, 2026 | A flaw was found in the udisks storage management daemon that allows unprivileged users to back up LUKS encryption headers without authorization. The issue occurs because a privileged D-Bus method responsible for exporting encryption metadata does not perform a policy check. As… | |||
| CVE-2026-26103 | 0.00 | — | 0.00 | Feb 25, 2026 | A flaw was found in the udisks storage management daemon that exposes a privileged D-Bus API for restoring LUKS encryption headers without proper authorization checks. The issue allows a local unprivileged user to instruct the root-owned udisks daemon to overwrite encryption… |
- risk 0.55cvss 8.5epss 0.01
A flaw was found in the Udisks daemon, where it allows unprivileged users to create loop devices using the D-BUS system. This is achieved via the loop device handler, which handles requests sent through the D-BUS interface. As two of the parameters of this handle, it receives…
- risk 0.51cvss 7.8epss 0.00
udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules.
- risk 0.51cvss 7.8epss 0.01
UDisks 2.8.0 has a format string vulnerability in udisks_log in udiskslogging.c, allowing attackers to obtain sensitive information (stack contents), cause a denial of service (memory corruption), or possibly have unspecified other impact via a malformed filesystem label, as…
- risk 0.27cvss 4.2epss 0.01
A vulnerability found in udisks2. This flaw allows an attacker to input a specially crafted image file/USB leading to kernel panic. The highest threat from this vulnerability is to system availability.
- CVE-2026-26104Feb 25, 2026risk 0.00cvss —epss 0.00
A flaw was found in the udisks storage management daemon that allows unprivileged users to back up LUKS encryption headers without authorization. The issue occurs because a privileged D-Bus method responsible for exporting encryption metadata does not perform a policy check. As…
- CVE-2026-26103Feb 25, 2026risk 0.00cvss —epss 0.00
A flaw was found in the udisks storage management daemon that exposes a privileged D-Bus API for restoring LUKS encryption headers without proper authorization checks. The issue allows a local unprivileged user to instruct the root-owned udisks daemon to overwrite encryption…