udisks 'probers/udisks-dm-export.c' Local Information Disclosure Vulnerability

Bugtraq ID:	39265
Class:	Design Error
CVE:	CVE-2010-1149
Remote:	No
Local:	Yes
Published:	Apr 06 2010 12:00AM
Updated:	Apr 13 2015 09:55PM
Credit:	Bastian Blank
Vulnerable:	freedesktop udisks 1.0
Not Vulnerable:

udisks 'probers/udisks-dm-export.c' Local Information Disclosure Vulnerability

udisks is prone to a local information-disclosure vulnerability.

Local attackers can exploit this issue to obtain sensitive information that may lead to further attacks.

udisks 1.0.0 is affected; other versions may also be vulnerable.

udisks 'probers/udisks-dm-export.c' Local Information Disclosure Vulnerability

Attackers can use readily available tools to exploit this issue.

udisks 'probers/udisks-dm-export.c' Local Information Disclosure Vulnerability

Solution:
The vendor has fixed the issue in the GIT repository. Please see the references for more information.

udisks 'probers/udisks-dm-export.c' Local Information Disclosure Vulnerability

References:

• Bug 27494 - publicly exports dm key information (freedesktop)
  
• udisks Homepage (freedesktop)