udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
|
History
13 Feb 2023, 02:19
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space. |
02 Feb 2023, 17:16
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | CVE-2009-1185 udev: Uncheck origin of NETLINK messages |
03 Jun 2022, 15:05
Type | Values Removed | Values Added |
---|---|---|
References | (BID) http://www.securityfocus.com/bid/34536 - Third Party Advisory, VDB Entry | |
References | (MANDRIVA) http://www.mandriva.com/security/advisories?name=MDVSA-2009:104 - Broken Link | |
References | (EXPLOIT-DB) https://www.exploit-db.com/exploits/8572 - Exploit, Third Party Advisory, VDB Entry | |
References | (SECUNIA) http://secunia.com/advisories/34750 - Not Applicable | |
References | (MLIST) http://lists.vmware.com/pipermail/security-announce/2009/000060.html - Third Party Advisory | |
References | (OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5975 - Third Party Advisory | |
References | (BUGTRAQ) http://www.securityfocus.com/archive/1/502752/100/0/threaded - Third Party Advisory, VDB Entry | |
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00012.html - Mailing List, Third Party Advisory | |
References | (SECTRACK) http://www.securitytracker.com/id?1022067 - Broken Link, Third Party Advisory, VDB Entry | |
References | (REDHAT) http://www.redhat.com/support/errata/RHSA-2009-0427.html - Third Party Advisory | |
References | (CONFIRM) http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705 - Third Party Advisory | |
References | (MISC) https://launchpad.net/bugs/cve/2009-1185 - Issue Tracking, Third Party Advisory | |
References | (OVAL) https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10925 - Broken Link | |
References | (SECUNIA) http://secunia.com/advisories/34785 - Not Applicable | |
References | (SECUNIA) http://secunia.com/advisories/34731 - Not Applicable | |
References | (GENTOO) http://www.gentoo.org/security/en/glsa/glsa-200904-18.xml - Third Party Advisory | |
References | (MISC) http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0063 - Broken Link | |
References | (SECUNIA) http://secunia.com/advisories/34753 - Not Applicable | |
References | (SECUNIA) http://secunia.com/advisories/34787 - Not Applicable | |
References | (CONFIRM) http://wiki.rpath.com/Advisories:rPSA-2009-0063 - Broken Link | |
References | (UBUNTU) http://www.ubuntu.com/usn/usn-758-1 - Third Party Advisory | |
References | (SLACKWARE) http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.446399 - Mailing List, Third Party Advisory | |
References | (CONFIRM) http://git.kernel.org/?p=linux/hotplug/udev.git;a=commitdiff;h=e86a923d508c2aed371cdd958ce82489cf2ab615 - Patch, Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/34801 - Not Applicable | |
References | (SECUNIA) http://secunia.com/advisories/34771 - Not Applicable | |
References | (DEBIAN) http://www.debian.org/security/2009/dsa-1772 - Third Party Advisory | |
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00006.html - Mailing List, Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/35766 - Not Applicable | |
References | (VUPEN) http://www.vupen.com/english/advisories/2009/1053 - Permissions Required | |
References | (MANDRIVA) http://www.mandriva.com/security/advisories?name=MDVSA-2009:103 - Broken Link | |
References | (VUPEN) http://www.vupen.com/english/advisories/2009/1865 - Permissions Required | |
References | (FEDORA) https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00462.html - Mailing List, Third Party Advisory | |
References | (BUGTRAQ) http://www.securityfocus.com/archive/1/504849/100/0/threaded - Third Party Advisory, VDB Entry | |
References | (CONFIRM) https://bugzilla.redhat.com/show_bug.cgi?id=495051 - Issue Tracking, Patch, Third Party Advisory | |
References | (CONFIRM) http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691 - Third Party Advisory | |
References | (CONFIRM) http://www.vmware.com/security/advisories/VMSA-2009-0009.html - Third Party Advisory | |
References | (CONFIRM) http://git.kernel.org/?p=linux/hotplug/udev.git;a=commitdiff;h=e2b362d9f23d4c63018709ab5f81a02f72b91e75 - Patch, Third Party Advisory | |
References | (FEDORA) https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00463.html - Mailing List, Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/34776 - Not Applicable | |
CWE | CWE-346 | |
CPE | cpe:2.3:a:kernel:udev:0.1.5:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.2.9:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.3.5:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.3.8:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.2.1:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.2.3:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.6.0:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.1.0:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.1.0-1:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.8.4:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.9.5:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.0.1:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.4.6:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.3.3:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.1.7:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.4.9:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.7.6:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.7.8:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.8.9:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.4.2:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.2.4:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.3.2:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.8.3:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.4.7:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.2.4:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.3.4:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.2.7:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.1.7:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.1.9:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.0.9-1:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.9.4:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.7.1:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.9.1:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.0.8:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.0.7:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.3.7:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.0.3:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.0.3:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.1.4:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.0.8-1:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.7.2:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.0.2:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.6.3:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.9.7:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.2.8:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.1.5:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.4.3:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.3.8:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.7.3:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.1.8:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.3.1:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.6.8:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.1.1-1:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.0.1:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:*:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.1.4:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.3.7:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.5.8:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.3.9:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.5.7:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.0.8:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.8.1:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.0.5:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.5.3:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.6.4:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.2.8:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.5.2:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.8.5:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.4.8:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.6.2:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.1.3:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.9.0:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.0.5:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.3.6:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.2.3:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.0.0:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.1.9:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.8.8:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.3.3:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.6.7:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.3.5:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.5.5:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.1.6:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.2.1:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.4.0:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.7.5:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.2.7:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.5.1:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.8.2:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.6.5:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.9.3:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.1.6:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.0.6:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.2.9:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.3.4:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.5.4:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.3.0:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.7.0:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.7.7:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.3.2:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.0.7:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.2.6:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.0.2:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.2.2:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.2.6:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.0.4-1:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.9.9:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.1.1:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.3.9:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.4.5:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.7.9:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.2.2:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.1.8:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.1.3:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.1.2:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.9.6:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.6.1:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.0.5-1:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.3.0:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.5.6:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.6.6:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.2.0:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.8.6:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.4.4:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.5.9:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.8.0:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.9.2:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.8.7:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.0.6:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.5.0:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.3.1:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.6.9:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.2.0:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.7.4:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.9.8:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.0.9:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.0.4:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.3.6:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.2.5:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.0.9:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.2.5:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.0.4:*:*:*:*:*:*:* |
cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:* cpe:2.3:a:udev_project:udev:*:*:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise_server:10:sp2:*:*:*:*:*:* cpe:2.3:a:suse:linux_enterprise_debuginfo:10:sp2:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise_desktop:11:-:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:* cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:* cpe:2.3:a:juniper:ctpview:*:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:* cpe:2.3:o:suse:linux_enterprise_desktop:10:sp2:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:* cpe:2.3:a:juniper:ctpview:7.1:r1:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:10:*:*:*:*:*:*:* cpe:2.3:a:juniper:ctpview:7.2:-:*:*:*:*:*:* cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:* cpe:2.3:a:suse:linux_enterprise_debuginfo:11:-:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:9:*:*:*:*:*:*:* cpe:2.3:a:juniper:ctpview:7.1:-:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise_server:11:-:*:*:*:*:*:* |
First Time |
Suse linux Enterprise Debuginfo
Juniper Opensuse opensuse Udev Project udev Suse linux Enterprise Server Fedoraproject fedora Canonical Debian debian Linux Suse linux Enterprise Desktop Juniper ctpview Fedoraproject Debian Canonical ubuntu Linux Opensuse Suse Udev Project |
Information
Published : 2009-04-17 14:30
Updated : 2023-12-10 10:51
NVD link : CVE-2009-1185
Mitre link : CVE-2009-1185
CVE.ORG link : CVE-2009-1185
JSON object : View
Products Affected
suse
- linux_enterprise_debuginfo
- linux_enterprise_server
- linux_enterprise_desktop
juniper
- ctpview
opensuse
- opensuse
udev_project
- udev
debian
- debian_linux
canonical
- ubuntu_linux
fedoraproject
- fedora
CWE
CWE-346
Origin Validation Error