CVE-2025-8067 (CNNVD-202508-3470)
中文标题:
udisks 缓冲区错误漏洞
英文标题:
Udisks: out-of-bounds read in udisks daemon
漏洞描述
中文描述:
udisks是一款用于查询和管理存储设备的守护程序。 udisks存在缓冲区错误漏洞,该漏洞源于未验证索引下限,可能导致本地权限提升。
英文描述:
A flaw was found in the Udisks daemon, where it allows unprivileged users to create loop devices using the D-BUS system. This is achieved via the loop device handler, which handles requests sent through the D-BUS interface. As two of the parameters of this handle, it receives the file descriptor list and index specifying the file where the loop device should be backed. The function itself validates the index value to ensure it isn't bigger than the maximum value allowed. However, it fails to validate the lower bound, allowing the index parameter to be a negative value. Under these circumstances, an attacker can cause the UDisks daemon to crash or perform a local privilege escalation by gaining access to files owned by privileged users.
CWE类型:
标签:
受影响产品
| 厂商 | 产品 | 版本 | 版本范围 | 平台 | CPE |
|---|---|---|---|---|---|
| Red Hat | Red Hat Enterprise Linux 10 | - | - | - |
cpe:/o:redhat:enterprise_linux:10.0
|
| Red Hat | Red Hat Enterprise Linux 7 Extended Lifecycle Support | - | - | - |
cpe:/o:redhat:rhel_els:7
|
| Red Hat | Red Hat Enterprise Linux 8 | 8 | - | - |
cpe:/a:redhat:enterprise_linux:8::appstream
|
| Red Hat | Red Hat Enterprise Linux 8.2 Advanced Update Support | 8.2 | - | - |
cpe:/a:redhat:rhel_aus:8.2::appstream
|
| Red Hat | Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | 8.4 | - | - |
cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
|
| Red Hat | Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On | 8.4 | - | - |
cpe:/a:redhat:rhel_eus_long_life:8.4::appstream
|
| Red Hat | Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support | 8.6 | - | - |
cpe:/a:redhat:rhel_e4s:8.6::appstream
|
| Red Hat | Red Hat Enterprise Linux 8.6 Telecommunications Update Service | 8.6 | - | - |
cpe:/a:redhat:rhel_e4s:8.6::appstream
|
| Red Hat | Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions | 8.6 | - | - |
cpe:/a:redhat:rhel_e4s:8.6::appstream
|
| Red Hat | Red Hat Enterprise Linux 8.8 Telecommunications Update Service | 8.8 | - | - |
cpe:/a:redhat:rhel_tus:8.8::appstream
|
| Red Hat | Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions | 8.8 | - | - |
cpe:/a:redhat:rhel_tus:8.8::appstream
|
| Red Hat | Red Hat Enterprise Linux 9 | 9 | - | - |
cpe:/a:redhat:enterprise_linux:9::appstream
|
| Red Hat | Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions | 9.0 | - | - |
cpe:/a:redhat:rhel_e4s:9.0::appstream
|
| Red Hat | Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions | 9.2 | - | - |
cpe:/a:redhat:rhel_e4s:9.2::appstream
|
| Red Hat | Red Hat Enterprise Linux 9.4 Extended Update Support | 9.4 | - | - |
cpe:/a:redhat:rhel_eus:9.4::crb
|
| Red Hat | Red Hat Enterprise Linux 6 | - | - | - |
cpe:/o:redhat:enterprise_linux:6
|
| storaged-project | udisks | - | < 2.10.2 | - |
cpe:2.3:a:storaged-project:udisks:*:*:*:*:*:*:*:*
|
解决方案
中文解决方案:
英文解决方案:
临时解决方案:
参考链接
cve.org
cve.org
cve.org
cve.org
cve.org
cve.org
cve.org
cve.org
cve.org
cve.org
cve.org
cve.org
cve.org
nvd.nist.gov
nvd.nist.gov
CVSS评分详情
3.1 (cna)
HIGHCVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H
时间信息
利用信息
数据源详情
| 数据源 | 记录ID | 版本 | 提取时间 |
|---|---|---|---|
| CVE | cve_CVE-2025-8067 |
2025-11-11 15:23:36 | 2025-11-11 07:40:52 |
| NVD | nvd_CVE-2025-8067 |
2025-11-11 15:01:01 | 2025-11-11 07:48:38 |
| CNNVD | cnnvd_CNNVD-202508-3470 |
2025-11-11 15:12:55 | 2025-11-11 08:00:08 |
版本与语言
安全公告
变更历史
查看详细变更
- affected_products_count: 16 -> 17
查看详细变更
- vulnerability_type: 未提取 -> 缓冲区错误
- cnnvd_id: 未提取 -> CNNVD-202508-3470
- data_sources: ['cve', 'nvd'] -> ['cnnvd', 'cve', 'nvd']
查看详细变更
- references_count: 13 -> 15
- data_sources: ['cve'] -> ['cve', 'nvd']