Mageia Bugzilla – Bug 12983
udisks, udisks2 new security issue CVE-2014-0004
Last modified: 2014-03-15 17:37:17 CET
Upstream has released new versions of udisks, 1.0.5 and 2.1.3:
They fix a serious security issue that allows local users to execute arbitrary code as root.
Patches are available and a CVE has been assigned:
Updated packages uploaded for Cauldron.
Patched packages uploaded for Mageia 3 and Mageia 4.
Updated udisks and udisks2 packages fix security vulnerabilities:
A flaw was found in the way udisks and udisks2 handled long path names. A
malicious, local user could use this flaw to create a specially-crafted
directory structure that could lead to arbitrary code execution with the
privileges of the udisks daemon (root) (CVE-2014-0004).
Updated packages in core/updates_testing:
Steps to Reproduce:
Ubuntu has issued an advisory for this today (March 10):
They noted that for them it should just be a DoS issue rather than allowing arbitrary code execution, because of the compiler flags they use. For other issues where this has been the case in the past, it has been true for us as well. That would reduce the severity of this.
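The flaw described in the advisory above (a long path name overflowing a fixed-size buffer) and the point in the Ubuntu comment (a stack protector turns the overwrite into an abort) can both be shown with the classic vulnerable pattern beside a hardened variant. This is an added illustration written for this page; it is not udisks' code, and the buffer size MOUNT_PATH_MAX, the function names and the sample base path are assumptions.

```c
#include <stdio.h>
#include <string.h>
#include <errno.h>

/* Hypothetical fixed buffer size for illustration, not udisks' real value. */
#define MOUNT_PATH_MAX 64

/* Vulnerable pattern: a fixed stack buffer filled without a length check.
 * A device name longer than the buffer runs past it. Built with
 * -fstack-protector the canary check aborts the process (a DoS, as the
 * Ubuntu comment notes); without it the saved return address can be
 * overwritten. Never call this with untrusted input; it is here only
 * to show the shape of the bug. */
int build_mount_path_unsafe(const char *base, const char *name, char *out)
{
    char tmp[MOUNT_PATH_MAX];
    strcpy(tmp, base);   /* no bounds check on base ... */
    strcat(tmp, "/");
    strcat(tmp, name);   /* ... or on name */
    strcpy(out, tmp);
    return 0;
}

/* Hardened variant: snprintf reports the length it would have needed, so
 * anything that does not fit is rejected before the result is used. It
 * also refuses names that could steer the mount point elsewhere ('/',
 * "." and ".."), since the advisory's attack is a crafted directory
 * structure. Returns the path length on success, -errno on failure. */
int build_mount_path_safe(const char *base, const char *name,
                          char *out, size_t outsz)
{
    if (base == NULL || name == NULL || out == NULL || outsz == 0)
        return -EINVAL;
    if (name[0] == '\0' || strchr(name, '/') != NULL ||
        strcmp(name, ".") == 0 || strcmp(name, "..") == 0)
        return -EINVAL;

    int n = snprintf(out, outsz, "%s/%s", base, name);
    if (n < 0 || (size_t)n >= outsz) {
        out[0] = '\0';             /* leave nothing half-built */
        return -ENAMETOOLONG;
    }
    return n;
}

/* Convenience wrapper: build into a local buffer of the assumed size and
 * return the status code, so callers can check behaviour without
 * managing storage. */
int mount_path_status(const char *base, const char *name)
{
    char buf[MOUNT_PATH_MAX];
    return build_mount_path_safe(base, name, buf, sizeof buf);
}

/* Constructed check: a 200-character name must be rejected, not copied. */
int overlong_name_rejected(void)
{
    char name[201];
    memset(name, 'A', 200);
    name[200] = '\0';
    return mount_path_status("/run/media/marc", name) == -ENAMETOOLONG;
}

int main(void)
{
    char buf[MOUNT_PATH_MAX];
    int n = build_mount_path_safe("/run/media/marc", "Stick", buf, sizeof buf);
    printf("%d %s\n", n, n > 0 ? buf : "(rejected)");
    printf("overlong rejected: %d\n", overlong_name_rejected());
    return 0;
}
```

The length check is what removes the bug; the name filter is a separate, cheap defence against the "specially-crafted directory structure" angle. Checking whether a shipped binary was built with the stack protector (the condition under which this degrades to a DoS) is a matter of looking for the `__stack_chk_fail` symbol in the daemon, which the distribution's build flags, not this code, determine.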
Don't know how to test this...
Installed all packages without any error, and a USB stick is still mounted in MGA4 32bit XFCE (VBox) to /run/media/marc/Stick/
What else could be done for testing? Please let me know,
Installed all updated packages in MGA4 64bit and the USB stick is mounted automatically. Until other test procedures are known, I will mark this as tested successfully.
However, the log file shows this when restarting rtkit-daemon.service:
Mar 14 23:43:32 localhost systemd: [/usr/lib/systemd/system/rtkit-daemon.service:32] Unknown lvalue 'ControlGroup' in section 'Service'
but this was also present in previous version, so no regression...
Installed all packages without any error for mga3 32bit and 64bit. Also, the error mentioned in Comment #3 is not present on either mga3 system.
If there are no objections regarding the test procedure, this update can be validated after the advisory from Comment #0 is uploaded, to get the security update pushed.
Advisory added to svn. Validating the update.
Someone from the sysadmin team please push 12983.adv to updates.