CVE-2018-17336
Description
UDisks 2.8.0 has a format string vulnerability in udisks_log in udiskslogging.c, allowing attackers to obtain sensitive information (stack contents), cause a denial of service (memory corruption), or possibly have unspecified other impact via a malformed filesystem label, as demonstrated by %d or %n substrings.
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.344
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities are affected in IBM Security Guardium 11.3 | Windows |
| Multiple Vulnerabilities are affected in IBM Security Guardium 11.4 | Windows |
| Multiple Vulnerabilities are affected in IBM Security Guardium 11.5 | Windows |
| service to access and manipulate storage devices (USN-3772-1) udisks2_2.7.6-3ubuntu0.2_i386.deb | Linux |
| service to access and manipulate storage devices (USN-3772-1) udisks2_2.7.6-3ubuntu0.2_amd64.deb | Linux |
| (RHSA-2019:2178)Moderate: security, bug fix, and enhancement update udisks2-debuginfo-2.7.3-9.el7.i686.rpm | Linux |
| (RHSA-2019:2178)Moderate: security, bug fix, and enhancement update udisks2-debuginfo-2.7.3-9.el7.x86_64.rpm | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234