CVE-2009-1185
First published: Thu Apr 09 2009(Updated: )
A privilege escalation flaw was found in the way udev used to check for the origin of messages sent from the NETLINK service. An attacker could use this flaw to escalate his privileges by sending the NETLINK message from userspace process, instead of from the kernel. Acknowledgements: Red Hat would like to thank Sebastian Krahmer of the SUSE Security Team for responsibly reporting this flaw.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Udev Project Udev | <141 | |
| SUSE Linux Enterprise Debuginfo | =10-sp2 | |
| SUSE Linux Enterprise Debuginfo | =11 | |
| openSUSE openSUSE | =10.3 | |
| openSUSE openSUSE | =11.0 | |
| openSUSE openSUSE | =11.1 | |
| SUSE Linux Enterprise Desktop | =10-sp2 | |
| SUSE Linux Enterprise Desktop | =11 | |
| SUSE Linux Enterprise Server | =10-sp2 | |
| SUSE Linux Enterprise Server | =11 | |
| Debian Debian Linux | =4.0 | |
| Debian Debian Linux | =5.0 | |
| Canonical Ubuntu Linux | =6.06 | |
| Canonical Ubuntu Linux | =7.10 | |
| Canonical Ubuntu Linux | =8.04 | |
| Canonical Ubuntu Linux | =8.10 | |
| Fedoraproject Fedora | =9 | |
| Fedoraproject Fedora | =10 | |
| Juniper Ctpview | <7.1 | |
| Juniper Ctpview | =7.1 | |
| Juniper Ctpview | =7.1-r1 | |
| Juniper Ctpview | =7.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://launchpad.net/bugs/cve/2009-1185
- http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0063
- http://www.securitytracker.com/id?1022067
- http://www.securityfocus.com/archive/1/502752/100/0/threaded
- http://www.securityfocus.com/archive/1/504849/100/0/threaded
- http://www.securityfocus.com/bid/34536
- http://secunia.com/advisories/34731
- http://secunia.com/advisories/34750
- http://secunia.com/advisories/34753
- http://secunia.com/advisories/34771
- http://secunia.com/advisories/34776
- http://secunia.com/advisories/34785
- http://secunia.com/advisories/34787
- http://secunia.com/advisories/34801
- http://secunia.com/advisories/35766
- https://www.exploit-db.com/exploits/8572
- http://www.vupen.com/english/advisories/2009/1053
- http://www.vupen.com/english/advisories/2009/1865
- http://www.debian.org/security/2009/dsa-1772
- https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00463.html
- https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00462.html
- http://www.gentoo.org/security/en/glsa/glsa-200904-18.xml
- http://www.mandriva.com/security/advisories?name=MDVSA-2009:103
- http://www.mandriva.com/security/advisories?name=MDVSA-2009:104
- https://bugzilla.redhat.com/show_bug.cgi?id=495051
- http://www.redhat.com/support/errata/RHSA-2009-0427.html
- http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.446399
- http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00006.html
- http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00012.html
- http://www.ubuntu.com/usn/usn-758-1
- http://lists.vmware.com/pipermail/security-announce/2009/000060.html
- http://git.kernel.org/?p=linux/hotplug/udev.git%3Ba=commitdiff%3Bh=e2b362d9f23d4c63018709ab5f81a02f72b91e75
- http://git.kernel.org/?p=linux/hotplug/udev.git%3Ba=commitdiff%3Bh=e86a923d508c2aed371cdd958ce82489cf2ab615
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
- http://wiki.rpath.com/Advisories:rPSA-2009-0063
- http://www.vmware.com/security/advisories/VMSA-2009-0009.html
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10925
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5975
- http://git.kernel.org/?p=linux/hotplug/udev.git;a=commitdiff;h=e2b362d9f23d4c63018709ab5f81a02f72b91e75
- http://git.kernel.org/?p=linux/hotplug/udev.git;a=commitdiff;h=e86a923d508c2aed371cdd958ce82489cf2ab615
- http://admin.fedoraproject.org/updates/udev-124-3.fc9
- http://admin.fedoraproject.org/updates/udev-127-4.fc10
- http://admin.fedoraproject.org/updates/udev-124-4.fc9
- https://rhn.redhat.com/errata/RHSA-2009-0427.html
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
- http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.446399
- agent/type
- agent/first-publish-date
- agent/weakness
- agent/references
- agent/severity
- agent/remedy
- agent/author
- agent/description
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- collector/launchpad-cve
- source/Launchpad
- agent/last-modified-date
- agent/tags
- agent/event
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2009-1185
- vendor/udev project
- canonical/udev project udev
- vendor/suse
- canonical/suse linux enterprise debuginfo
- version/suse linux enterprise debuginfo/10-sp2
- version/suse linux enterprise debuginfo/11
- vendor/opensuse
- canonical/opensuse opensuse
- version/opensuse opensuse/10.3
- version/opensuse opensuse/11.0
- version/opensuse opensuse/11.1
- canonical/suse linux enterprise desktop
- version/suse linux enterprise desktop/10-sp2
- version/suse linux enterprise desktop/11
- canonical/suse linux enterprise server
- version/suse linux enterprise server/10-sp2
- version/suse linux enterprise server/11
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/4.0
- version/debian debian linux/5.0
- vendor/canonical
- canonical/canonical ubuntu linux
- version/canonical ubuntu linux/6.06
- version/canonical ubuntu linux/7.10
- version/canonical ubuntu linux/8.04
- version/canonical ubuntu linux/8.10
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/9
- version/fedoraproject fedora/10
- vendor/juniper
- canonical/juniper ctpview
- version/juniper ctpview/7.1
- version/juniper ctpview/7.1-r1
- version/juniper ctpview/7.2