CVE-2009-1185
First published: Thu Apr 09 2009(Updated: )
A privilege escalation flaw was found in the way udev used to check for the origin of messages sent from the NETLINK service. An attacker could use this flaw to escalate his privileges by sending the NETLINK message from userspace process, instead of from the kernel. Acknowledgements: Red Hat would like to thank Sebastian Krahmer of the SUSE Security Team for responsibly reporting this flaw.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| udev project udev | <141 | |
| SUSE Linux Enterprise Debuginfo | =10-sp2 | |
| SUSE Linux Enterprise Debuginfo | =11 | |
| openSUSE | =10.3 | |
| openSUSE | =11.0 | |
| openSUSE | =11.1 | |
| SUSE Linux Enterprise Desktop with Beagle | =10-sp2 | |
| SUSE Linux Enterprise Desktop with Beagle | =11 | |
| SUSE Linux Enterprise Server | =10-sp2 | |
| SUSE Linux Enterprise Server | =11 | |
| Debian GNU/Linux | =4.0 | |
| Debian GNU/Linux | =5.0 | |
| Ubuntu Linux | =6.06 | |
| Ubuntu Linux | =7.10 | |
| Ubuntu Linux | =8.04 | |
| Ubuntu Linux | =8.10 | |
| Fedoraproject Fedora | =9 | |
| Fedoraproject Fedora | =10 | |
| juniper ctpview | <7.1 | |
| juniper ctpview | =7.1 | |
| juniper ctpview | =7.1-r1 | |
| juniper ctpview | =7.2 | |
| Debian | =5.0 | |
| Debian | =4.0 | |
| Ubuntu | =7.10 | |
| Ubuntu | =8.10 | |
| Ubuntu | =8.04 | |
| Ubuntu | =6.06 | |
| Fedora | =10 | |
| Fedora | =9 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://launchpad.net/bugs/cve/2009-1185
- http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0063
- http://www.securitytracker.com/id?1022067
- http://www.securityfocus.com/archive/1/502752/100/0/threaded
- http://www.securityfocus.com/archive/1/504849/100/0/threaded
- http://www.securityfocus.com/bid/34536
- http://secunia.com/advisories/34731
- http://secunia.com/advisories/34750
- http://secunia.com/advisories/34753
- http://secunia.com/advisories/34771
- http://secunia.com/advisories/34776
- http://secunia.com/advisories/34785
- http://secunia.com/advisories/34787
- http://secunia.com/advisories/34801
- http://secunia.com/advisories/35766
- https://www.exploit-db.com/exploits/8572
- http://www.vupen.com/english/advisories/2009/1053
- http://www.vupen.com/english/advisories/2009/1865
- http://www.debian.org/security/2009/dsa-1772
- https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00463.html
- https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00462.html
- http://www.gentoo.org/security/en/glsa/glsa-200904-18.xml
- http://www.mandriva.com/security/advisories?name=MDVSA-2009:103
- http://www.mandriva.com/security/advisories?name=MDVSA-2009:104
- https://bugzilla.redhat.com/show_bug.cgi?id=495051
- http://www.redhat.com/support/errata/RHSA-2009-0427.html
- http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.446399
- http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00006.html
- http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00012.html
- http://www.ubuntu.com/usn/usn-758-1
- http://lists.vmware.com/pipermail/security-announce/2009/000060.html
- http://git.kernel.org/?p=linux/hotplug/udev.git%3Ba=commitdiff%3Bh=e2b362d9f23d4c63018709ab5f81a02f72b91e75
- http://git.kernel.org/?p=linux/hotplug/udev.git%3Ba=commitdiff%3Bh=e86a923d508c2aed371cdd958ce82489cf2ab615
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
- http://wiki.rpath.com/Advisories:rPSA-2009-0063
- http://www.vmware.com/security/advisories/VMSA-2009-0009.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10925
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5975
- http://git.kernel.org/?p=linux/hotplug/udev.git;a=commitdiff;h=e2b362d9f23d4c63018709ab5f81a02f72b91e75
- http://git.kernel.org/?p=linux/hotplug/udev.git;a=commitdiff;h=e86a923d508c2aed371cdd958ce82489cf2ab615
- http://admin.fedoraproject.org/updates/udev-124-3.fc9
- http://admin.fedoraproject.org/updates/udev-127-4.fc10
- http://admin.fedoraproject.org/updates/udev-124-4.fc9
- https://rhn.redhat.com/errata/RHSA-2009-0427.html
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
- http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.446399
Frequently Asked Questions
What is the severity of CVE-2009-1185?
CVE-2009-1185 is classified as a privilege escalation vulnerability.
How do I fix CVE-2009-1185?
To fix CVE-2009-1185, update the affected software to the latest patched version.
Which systems are affected by CVE-2009-1185?
CVE-2009-1185 affects various versions of udev, SUSE Linux, Debian, Ubuntu, and Fedora.
What is the impact of CVE-2009-1185?
The impact of CVE-2009-1185 allows attackers to escalate their privileges on the affected systems.
Is there a workaround for CVE-2009-1185?
There is no specific workaround for CVE-2009-1185; updating the software is the recommended solution.
- agent/type
- agent/first-publish-date
- agent/weakness
- agent/references
- agent/severity
- agent/remedy
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- collector/launchpad-cve
- source/Launchpad
- agent/last-modified-date
- agent/event
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2009-1185
- agent/trending
- agent/source
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- collector/nvd-historical
- vendor/udev project
- canonical/udev project udev
- vendor/suse
- canonical/suse linux enterprise debuginfo
- version/suse linux enterprise debuginfo/10-sp2
- version/suse linux enterprise debuginfo/11
- vendor/opensuse
- canonical/opensuse
- version/opensuse/10.3
- version/opensuse/11.0
- version/opensuse/11.1
- canonical/suse linux enterprise desktop with beagle
- version/suse linux enterprise desktop with beagle/10-sp2
- version/suse linux enterprise desktop with beagle/11
- canonical/suse linux enterprise server
- version/suse linux enterprise server/10-sp2
- version/suse linux enterprise server/11
- vendor/debian
- canonical/debian gnu/linux
- version/debian gnu/linux/4.0
- version/debian gnu/linux/5.0
- vendor/canonical
- canonical/ubuntu linux
- version/ubuntu linux/6.06
- version/ubuntu linux/7.10
- version/ubuntu linux/8.04
- version/ubuntu linux/8.10
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/9
- version/fedoraproject fedora/10
- vendor/juniper
- canonical/juniper ctpview
- version/juniper ctpview/7.1
- version/juniper ctpview/7.1-r1
- version/juniper ctpview/7.2
- canonical/debian
- version/debian/5.0
- version/debian/4.0
- canonical/ubuntu
- version/ubuntu/7.10
- version/ubuntu/8.10
- version/ubuntu/8.04
- version/ubuntu/6.06
- canonical/fedora
- version/fedora/10
- version/fedora/9