File 0001-udiskslinuxencrypted-Add-missing-polkit-check-for-He.patch of Package udisks2
From cd946e277702e3ebd22a15057a83d7336dfbeaf5 Mon Sep 17 00:00:00 2001
From: Tomas Bzatek <tbzatek@redhat.com>
Date: Fri, 13 Feb 2026 17:07:53 +0100
Subject: [PATCH] udiskslinuxencrypted: Add missing polkit check for
HeaderBackup()
The handle_header_backup() method call handler was missing a polkit
authorization check, allowing unprivileged local users to freely invoke
this D-Bus method.
CVE-ID: CVE-2026-26104
Reported-by: Asim Viladi Oglu Manizada <manizada@pm.me>
---
src/udiskslinuxencrypted.c | 19 +++++++++++++++++++
1 file changed, 19 insertions(+)
diff --git a/src/udiskslinuxencrypted.c b/src/udiskslinuxencrypted.c
index 7d9176d3..dd7664cc 100644
--- a/src/udiskslinuxencrypted.c
+++ b/src/udiskslinuxencrypted.c
@@ -1371,6 +1371,7 @@ handle_header_backup (UDisksEncrypted *encrypted,
UDisksBlock *block;
UDisksDaemon *daemon;
UDisksState *state = NULL;
+ const gchar *action_id;
uid_t caller_uid;
GError *error = NULL;
UDisksBaseJob *job = NULL;
@@ -1407,6 +1408,24 @@ handle_header_backup (UDisksEncrypted *encrypted,
goto out;
}
+ action_id = "org.freedesktop.udisks2.open-device";
+ if (udisks_block_get_hint_system (block))
+ action_id = "org.freedesktop.udisks2.open-device-system";
+
+ if (!udisks_daemon_util_check_authorization_sync (daemon,
+ object,
+ action_id,
+ options,
+ /* Translators: Shown in authentication dialog when backing up
+ * a LUKS header of a device.
+ *
+ * Do not translate $(device.name), it's a placeholder and will
+ * be replaced by the name of the drive/device in question
+ */
+ N_("Authentication is required to back up the encrypted header of $(device.name)"),
+ invocation))
+ goto out;
+
job = udisks_daemon_launch_simple_job (daemon,
UDISKS_OBJECT (object),
"encrypted-header-backup",
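Review bot: The new `action_id` assignment reuses `org.freedesktop.udisks2.open-device` and `open-device-system` with no comment saying why that action fits a header backup, so a later reader cannot tell whether the choice was deliberate. A LUKS header carries the keyslot material, so a copy of it remains sensitive even after the passphrase is changed; I would add above the assignment `/* A header backup exposes keyslot material, so require the same authorization as raw device access. */` and confirm that the policy defaults for both actions require administrator authentication. The patch touches only `src/udiskslinuxencrypted.c`, so a test asserting that an unauthorized caller gets a not-authorized error from HeaderBackup() would guard against this check being dropped again. handle_header_backup starts and ends outside this hunk, so how the backup destination is handled cannot be judged from here.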
--
2.53.0