The udisks package provides a daemon, a D-Bus API, and command line utilities for managing disks and storage devices. A stack-based buffer overflow flaw was found in the way udisks handled files with long path names. A malicious, local user could use this flaw to create a specially crafted directory structure that, when processed by the udisks daemon, could lead to arbitrary code execution with the privileges of the udisks daemon . This issue was discovered by Florian Weimer of the Red Hat Product Security Team. All udisks users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue.