Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2022:3160-1

Опубликовано: 07 сент. 2022
Источник: suse-cvrf

Описание

Security update for udisks2

This update for udisks2 fixes the following issues:

  • CVE-2021-3802: Fixed insecure defaults in user-accessible mount helpers (bsc#1190606).
  • Fixed vulnerability that allowed mounting ext4 devices over existing entries in fstab (bsc#1098797).

Список пакетов

SUSE Linux Enterprise Server 12 SP2-BCL
libudisks2-0-2.1.3-3.8.1
udisks2-2.1.3-3.8.1
udisks2-lang-2.1.3-3.8.1
SUSE Linux Enterprise Server 12 SP3-BCL
libudisks2-0-2.1.3-3.8.1
udisks2-2.1.3-3.8.1
udisks2-lang-2.1.3-3.8.1
SUSE Linux Enterprise Server 12 SP4-LTSS
libudisks2-0-2.1.3-3.8.1
udisks2-2.1.3-3.8.1
udisks2-lang-2.1.3-3.8.1
SUSE Linux Enterprise Server 12 SP5
libudisks2-0-2.1.3-3.8.1
udisks2-2.1.3-3.8.1
udisks2-lang-2.1.3-3.8.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
libudisks2-0-2.1.3-3.8.1
udisks2-2.1.3-3.8.1
udisks2-lang-2.1.3-3.8.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
libudisks2-0-2.1.3-3.8.1
udisks2-2.1.3-3.8.1
udisks2-lang-2.1.3-3.8.1
SUSE Linux Enterprise Software Development Kit 12 SP5
udisks2-devel-2.1.3-3.8.1
SUSE OpenStack Cloud 9
libudisks2-0-2.1.3-3.8.1
udisks2-2.1.3-3.8.1
udisks2-lang-2.1.3-3.8.1
SUSE OpenStack Cloud Crowbar 9
libudisks2-0-2.1.3-3.8.1
udisks2-2.1.3-3.8.1
udisks2-lang-2.1.3-3.8.1

Описание

A vulnerability found in udisks2. This flaw allows an attacker to input a specially crafted image file/USB leading to kernel panic. The highest threat from this vulnerability is to system availability.


Затронутые продукты
SUSE Linux Enterprise Server 12 SP2-BCL:libudisks2-0-2.1.3-3.8.1
SUSE Linux Enterprise Server 12 SP2-BCL:udisks2-2.1.3-3.8.1
SUSE Linux Enterprise Server 12 SP2-BCL:udisks2-lang-2.1.3-3.8.1
SUSE Linux Enterprise Server 12 SP3-BCL:libudisks2-0-2.1.3-3.8.1

Ссылки