CVE-2025-8067— Udisks: out-of-bounds read in udisks daemon
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2025-8067
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Udisks: out-of-bounds read in udisks daemon
Source: NVD (National Vulnerability Database)
Vulnerability Description
A flaw was found in the Udisks daemon, where it allows unprivileged users to create loop devices using the D-BUS system. This is achieved via the loop device handler, which handles requests sent through the D-BUS interface. As two of the parameters of this handle, it receives the file descriptor list and index specifying the file where the loop device should be backed. The function itself validates the index value to ensure it isn't bigger than the maximum value allowed. However, it fails to validate the lower bound, allowing the index parameter to be a negative value. Under these circumstances, an attacker can cause the UDisks daemon to crash or perform a local privilege escalation by gaining access to files owned by privileged users.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
跨界内存读
Source: NVD (National Vulnerability Database)
Vulnerability Title
udisks 缓冲区错误漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
udisks是一款用于查询和管理存储设备的守护程序。 udisks存在缓冲区错误漏洞,该漏洞源于未验证索引下限,可能导致本地权限提升。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| storaged-project | udisks | 0 ~ 2.10.2 | - | |
| Red Hat | Red Hat Enterprise Linux 10 | 0:2.10.90-5.el10_0.1 ~ * | cpe:/o:redhat:enterprise_linux:10.0 | |
| Red Hat | Red Hat Enterprise Linux 7 Extended Lifecycle Support | 0:2.8.4-1.el7_9.2 ~ * | cpe:/o:redhat:rhel_els:7 | |
| Red Hat | Red Hat Enterprise Linux 8 | 0:2.9.0-16.el8_10.1 ~ * | cpe:/a:redhat:enterprise_linux:8::appstream | |
| Red Hat | Red Hat Enterprise Linux 8.2 Advanced Update Support | 0:2.8.3-2.el8_2.1 ~ * | cpe:/a:redhat:rhel_aus:8.2::appstream | |
| Red Hat | Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | 0:2.9.0-6.el8_4.1 ~ * | cpe:/a:redhat:rhel_eus_long_life:8.4::appstream | |
| Red Hat | Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On | 0:2.9.0-6.el8_4.1 ~ * | cpe:/a:redhat:rhel_eus_long_life:8.4::appstream | |
| Red Hat | Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support | 0:2.9.0-9.el8_6.1 ~ * | cpe:/a:redhat:rhel_e4s:8.6::appstream | |
| Red Hat | Red Hat Enterprise Linux 8.6 Telecommunications Update Service | 0:2.9.0-9.el8_6.1 ~ * | cpe:/a:redhat:rhel_e4s:8.6::appstream | |
| Red Hat | Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions | 0:2.9.0-9.el8_6.1 ~ * | cpe:/a:redhat:rhel_e4s:8.6::appstream | |
| Red Hat | Red Hat Enterprise Linux 8.8 Telecommunications Update Service | 0:2.9.0-13.el8_8.1 ~ * | cpe:/a:redhat:rhel_e4s:8.8::appstream | |
| Red Hat | Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions | 0:2.9.0-13.el8_8.1 ~ * | cpe:/a:redhat:rhel_e4s:8.8::appstream | |
| Red Hat | Red Hat Enterprise Linux 9 | 0:2.9.4-11.el9_6.1 ~ * | cpe:/a:redhat:enterprise_linux:9::appstream | |
| Red Hat | Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions | 0:2.9.4-3.el9_0.2 ~ * | cpe:/a:redhat:rhel_e4s:9.0::appstream | |
| Red Hat | Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions | 0:2.9.4-7.el9_2.2 ~ * | cpe:/a:redhat:rhel_e4s:9.2::appstream | |
| Red Hat | Red Hat Enterprise Linux 9.4 Extended Update Support | 0:2.9.4-10.el9_4.2 ~ * | cpe:/a:redhat:rhel_eus:9.4::crb | |
| Red Hat | Red Hat Enterprise Linux 6 | - | cpe:/o:redhat:enterprise_linux:6 |
II. Public POCs for CVE-2025-8067
| # | POC Description | Source Link | Shenlong Link |
|---|---|---|---|
| 1 | Proof of Concept for CVE-2025-8067 | https://github.com/born0monday/CVE-2025-8067 | POC Details |
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2025-8067
请登录查看更多情报信息。
IV. Related Vulnerabilities
Same product: udisks
Same weakness: CWE-125
- CVE-2026-8177
XML::LibXML versions through 2.0210 for Perl read out-of-bou - CVE-2026-6104
Global buffer over-read in mb_convert_encoding() with attack - CVE-2026-7258
Out-of-bounds read in urldecode() on NetBSD - CVE-2026-8186
Open5GS NF client.c ogs_sbi_client_send_via_scp_or_sepp out- - CVE-2026-3508
ASUS System Control Interface 缓冲区错误漏洞
V. Comments for CVE-2025-8067
No comments yet