CVE-2018-17336

Published: 22/09/2018 Updated: 06/08/2019
CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 409
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

UDisks 2.8.0 has a format string vulnerability in udisks_log in udiskslogging.c, allowing malicious users to obtain sensitive information (stack contents), cause a denial of service (memory corruption), or possibly have unspecified other impact via a malformed filesystem label, as demonstrated by %d or %n substrings.

Vulnerable Product

freedesktop udisks 2.8.0

canonical ubuntu linux 18.04

Vendor Advisories

Synopsis: Moderate: udisks2 security, bug fix, and enhancement update. Type/Severity: Security Advisory: Moderate. Topic: An update for udisks2 is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring Sy ...
Debian Bug report logs - #909607 CVE-2018-17336. Package: udisks2; Maintainer for udisks2 is Utopia Maintenance Team <pkg-utopia-maintainers@lists.alioth.debian.org>; Source for udisks2 is src:udisks2. Reported by: Moritz Muehlenhoff <jmm@debian.org>. Date: Tue, 25 Sep 2018 20:39:02 UTC. Severity: ...
Udisks could be made to crash or expose sensitive information ...
UDisks 2.8.0 has a format string vulnerability in udisks_log in udiskslogging.c, allowing attackers to obtain sensitive information (stack contents), cause a denial of service (memory corruption), or possibly have unspecified other impact via a malformed filesystem label, as demonstrated by %d or %n substrings. (CVE-2018-17336) An uncontrolled forma ...
An uncontrolled format string vulnerability has been discovered in udisks when it mounts a filesystem with a malformed label. A local attacker may use this flaw to leak memory, make the udisks service crash, or cause other unspecified effects ...

Github Repositories

No Cap

AonSploit No Cap. Most of these CVEs are also acknowledged by oxagast. This is a fuzzer, written in BASH SHELL, designed to find bugs in BASH SHELL programs. This is a tool for building wordlists based on