Описание
ELSA-2025-15020: udisks2 security update (IMPORTANT)
[2.10.90-5.0.1.1]
- Enable btrfs support for OL supported arches [Orabug: 37464632]
[2.10.90-5.1]
- udisks: Out-of-bounds read in UDisks Daemon (CVE-2025-8067)
[2.10.90-5]
- mdraid: Avoid acquiring system inhibit lock for external array operations (RHEL-74012)
[2.10.90-4]
- Rebase to upstream 2.10.90 (pre-)release
- lvm2: Try opening for unused device detection harder (RHEL-39935)
[2.10.90-3.gitdb54112e]
- Bump release for October 2024 mass rebuild: Resolves: RHEL-64018
[2.10.90-2.gitdb54112e]
- Fix Requires: for modules
- Fix gating tests
[2.10.90-1.gitdb54112e]
- Rebase to git snapshot as of 2024-07-25
[2.10.1-5]
- Bump release for June 2024 mass rebuild
[2.10.1-4]
- Use SPDX license tags for subpackages
[2.10.1-3]
- Use a SPDX license tag
- udiskslinuxblockobject: Try issuing BLKRRPART ioctl harder
- udiskslinuxmanager: Fix use after free
- tests: Fix targetcli_config.json
[2.10.1-2]
[2.10.1-1]
- Version 2.10.1
- Default to ntfs-3g for stability reasons (#2182206)
- Use Recommends: for filesystem tools (#2169848)
[2.10.0-2]
[2.10.0-1]
- Version 2.10.0
[2.9.4-6]
[2.9.4-5]
[2.9.4-4]
- Fix gtk-doc annotations
[2.9.4-3]
- Require ntfs-3g (#2058506)
[2.9.4-2]
[2.9.4-1]
- Version 2.9.4
- Fixes CVE-2021-3802 (#2003650)
[2.9.3-1]
- Version 2.9.3
[2.9.2-6]
[2.9.2-5]
- Switch the default encryption to LUKS2
[2.9.2-4]
- Fix a couple of issues found by Coverity
- Ignore systemd 'Extended Boot Loader' GPT partition
[2.9.2-3]
- Fix FAT mkfs with dosfstools >= 4.2
- udiskslinuxdriveata: Use GTask to apply configuration in a thread
- Limit allowed module names
- 80-udisks2.rules: Ignore Apple boot partition from livecd-tools
[2.9.2-2]
- Rebuilt for updated systemd-rpm-macros See https://pagure.io/fesco/issue/2583.
[2.9.2-1]
- Version 2.9.2
[2.9.1-3]
[2.9.1-2]
- Fix conditional around polkit Recommends for building on EL7
[2.9.1-1]
- Version 2.9.1
- Renamed zram-setup@.service to udisks2-zram-setup@.service
[2.9.0-2]
[2.9.0-1]
- Version 2.9.0
[2.8.4-4]
[2.8.4-3]
- Don't trigger udev if socket is not accessible
[2.8.4-2]
[2.8.4-1]
- Version 2.8.4
[2.8.3-1]
- Version 2.8.3
[2.8.2-2]
- Update for tmpfiles.d snippet
[2.8.2-1]
- Version 2.8.2
[2.8.1-2]
[2.8.1-1]
- Version 2.8.1
[2.8.0-2]
- Backport PR #576 to fix udev multipath device check (see RHBZ#1628192)
[2.8.0-1]
- Version 2.8.0
[2.7.7-3]
- Rebuild for new libconfig
[2.7.7-2]
[2.7.7-1]
- Version 2.7.7
[2.7.6-1]
- Version 2.7.6
[2.7.5-2]
- Switch to %ldconfig_scriptlets
[2.7.5-1]
- Version 2.7.5
[2.7.4-1]
- Version 2.7.4
[2.7.3-1]
- Version 2.7.3
[2.7.2-1]
- Version 2.7.2
[2.7.1-3]
[2.7.1-2]
[2.7.1-1]
- Version 2.7.1
[2.7.0-3]
- Do not try to remove changed_blacklist hash table in finalize
[2.7.0-2]
- Fix how UDisksClient filters property changes
[2.7.0-1]
- Version 2.7.0
[2.6.5-1]
- Version 2.6.5
[2.6.4-1]
- Version 2.6.4
[2.6.3-1]
- Version 2.6.3
[2.6.2-1]
- Version 2.6.2; aimed to replace udisks2
[2.6.0-3]
- Add support for libblockdev-part plugin which replaces parted calls
[2.6.0-2]
- Fix permissions set for storaged_lsm.conf so it is readable only by root
[2.6.0-1]
- Upgrade to 2.6.0
[2.5.0-3]
- Package template zram-setup@.service file
[2.5.0-2]
- Add udisksd configuration file and its man page
[2.5.0-1]
- UDisks2 drop-in replacement
[2.4.0-3]
- Redesign subpackage dependencies
- Make GTK documentation generation configurable
[2.4.0-2]
- Reload udev rules and trigger events when installed
[2.4.0-1]
- Upgrade to 2.4.0
[2.3.0-2]
- Add Fedora/RHEL package configuration options
[2.3.0-1]
- Change BuildRequires from pkgconfig macro to -devel packages
- Upgrade to 2.3.0
[2.2.0-1]
- Upgrade to 2.2.0
[2.1.1-1]
- Upgrade to 2.1.1
[2.1.0-4]
- Add Requires for storaged modules
[2.1.0-3]
- Changes for EPEL-7
- Lower systemd required version to 208
- Rewrite BuildRequires for systemd-devel
[2.1.0-2]
[2.1.0-1]
- Update to upstream 2.1.0
[2.0.0-1]
- Rebase to the new Storaged implementation
- Upstream: https://storaged.org
[0.3.1-1]
- Update to upstream 0.3.1
[0.3.0-3]
[0.3.0-2]
[0.3.0-1]
- Update to upstream 0.3.0
[0.2.0-1]
- Update to upstream 0.2.0
[0.1.0-2]
- Removed double systemd BuildRequire
- Rewritten summary and description
[0.1.0-1]
- Rename from udisks2-lvm
Обновленные пакеты
Oracle Linux 10
Oracle Linux aarch64
libudisks2
2.10.90-5.0.1.el10_0.1
libudisks2-devel
2.10.90-5.0.1.el10_0.1
udisks2
2.10.90-5.0.1.el10_0.1
udisks2-iscsi
2.10.90-5.0.1.el10_0.1
udisks2-lsm
2.10.90-5.0.1.el10_0.1
udisks2-lvm2
2.10.90-5.0.1.el10_0.1
Oracle Linux x86_64
libudisks2
2.10.90-5.0.1.el10_0.1
libudisks2-devel
2.10.90-5.0.1.el10_0.1
udisks2
2.10.90-5.0.1.el10_0.1
udisks2-iscsi
2.10.90-5.0.1.el10_0.1
udisks2-lsm
2.10.90-5.0.1.el10_0.1
udisks2-lvm2
2.10.90-5.0.1.el10_0.1
Связанные CVE
Связанные уязвимости
A flaw was found in the Udisks daemon, where it allows unprivileged users to create loop devices using the D-BUS system. This is achieved via the loop device handler, which handles requests sent through the D-BUS interface. As two of the parameters of this handle, it receives the file descriptor list and index specifying the file where the loop device should be backed. The function itself validates the index value to ensure it isn't bigger than the maximum value allowed. However, it fails to validate the lower bound, allowing the index parameter to be a negative value. Under these circumstances, an attacker can cause the UDisks daemon to crash or perform a local privilege escalation by gaining access to files owned by privileged users.
A flaw was found in the Udisks daemon, where it allows unprivileged users to create loop devices using the D-BUS system. This is achieved via the loop device handler, which handles requests sent through the D-BUS interface. As two of the parameters of this handle, it receives the file descriptor list and index specifying the file where the loop device should be backed. The function itself validates the index value to ensure it isn't bigger than the maximum value allowed. However, it fails to validate the lower bound, allowing the index parameter to be a negative value. Under these circumstances, an attacker can cause the UDisks daemon to crash or perform a local privilege escalation by gaining access to files owned by privileged users.
A flaw was found in the Udisks daemon, where it allows unprivileged users to create loop devices using the D-BUS system. This is achieved via the loop device handler, which handles requests sent through the D-BUS interface. As two of the parameters of this handle, it receives the file descriptor list and index specifying the file where the loop device should be backed. The function itself validates the index value to ensure it isn't bigger than the maximum value allowed. However, it fails to validate the lower bound, allowing the index parameter to be a negative value. Under these circumstances, an attacker can cause the UDisks daemon to crash or perform a local privilege escalation by gaining access to files owned by privileged users.
A flaw was found in the Udisks daemon, where it allows unprivileged us ...
