suse · CVE-2018-17336

Quick triage

Priority: high Published: 2021-05-30 14:17:16 UTC Updated: 2026-03-05 06:39:52 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2018-17336 severity important: SUSE including 77 source package names (libudisks2-0, libudisks2-0-2.10.1-160000.2.2, …), 131 product×package rows across 34 product lines (SUSE Liberty Linux 7, SUSE Linux Enterprise Desktop 12 SP3, … (34 product lines)): Fixed 110, Known Not Affected 21.

Description:

UDisks 2.8.0 has a format string vulnerability in udisks_log in udiskslogging.c, allowing attackers to obtain sensitive information (stack contents), cause a denial of service (memory corruption), or possibly have unspecified other impact via a malformed filesystem label, as demonstrated by %d or %n substrings.

cvelogic Threat Intelligence