Описание
Security update for udisks2
This update for udisks2 fixes the following issues:
- CVE-2021-3802: Fixed insecure defaults in user-accessible mount helpers (bsc#1190606).
- Fixed vulnerability that allowed mounting ext4 devices over existing entries in fstab (bsc#1098797).
Список пакетов
SUSE Linux Enterprise Server 12 SP2-BCL
libudisks2-0-2.1.3-3.8.1
udisks2-2.1.3-3.8.1
udisks2-lang-2.1.3-3.8.1
SUSE Linux Enterprise Server 12 SP3-BCL
libudisks2-0-2.1.3-3.8.1
udisks2-2.1.3-3.8.1
udisks2-lang-2.1.3-3.8.1
SUSE Linux Enterprise Server 12 SP4-LTSS
libudisks2-0-2.1.3-3.8.1
udisks2-2.1.3-3.8.1
udisks2-lang-2.1.3-3.8.1
SUSE Linux Enterprise Server 12 SP5
libudisks2-0-2.1.3-3.8.1
udisks2-2.1.3-3.8.1
udisks2-lang-2.1.3-3.8.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
libudisks2-0-2.1.3-3.8.1
udisks2-2.1.3-3.8.1
udisks2-lang-2.1.3-3.8.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
libudisks2-0-2.1.3-3.8.1
udisks2-2.1.3-3.8.1
udisks2-lang-2.1.3-3.8.1
SUSE Linux Enterprise Software Development Kit 12 SP5
udisks2-devel-2.1.3-3.8.1
SUSE OpenStack Cloud 9
libudisks2-0-2.1.3-3.8.1
udisks2-2.1.3-3.8.1
udisks2-lang-2.1.3-3.8.1
SUSE OpenStack Cloud Crowbar 9
libudisks2-0-2.1.3-3.8.1
udisks2-2.1.3-3.8.1
udisks2-lang-2.1.3-3.8.1
Ссылки
- Link for SUSE-SU-2022:3160-1
- E-Mail link for SUSE-SU-2022:3160-1
- SUSE Security Ratings
- SUSE Bug 1098797
- SUSE Bug 1190606
- SUSE CVE CVE-2021-3802 page
Описание
A vulnerability found in udisks2. This flaw allows an attacker to input a specially crafted image file/USB leading to kernel panic. The highest threat from this vulnerability is to system availability.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP2-BCL:libudisks2-0-2.1.3-3.8.1
SUSE Linux Enterprise Server 12 SP2-BCL:udisks2-2.1.3-3.8.1
SUSE Linux Enterprise Server 12 SP2-BCL:udisks2-lang-2.1.3-3.8.1
SUSE Linux Enterprise Server 12 SP3-BCL:libudisks2-0-2.1.3-3.8.1
Ссылки
- CVE-2021-3802
- SUSE Bug 1190606