CVE-2009-1185 — HIGH (7.2) — White Hats Nepal

Q: What is CVE-2009-1185?

CVE-2009-1185 is a vulnerability with a CVSS score of 7.2 (HIGH). udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space.

Q: How severe is CVE-2009-1185?

CVE-2009-1185 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2009-1185?

Check the references section above for vendor advisories and patch information. Affected products include: Udev Project Udev, Suse Linux Enterprise Debuginfo, Opensuse Opensuse, Suse Linux Enterprise Desktop, Suse Linux Enterprise Server.

Vulnerability Description

udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space.

CVSS Score

7.2

HIGH

AV:L/AC:L/Au:N/C:C/I:C/A:C

Confidentiality

COMPLETE

Integrity

COMPLETE

Availability

COMPLETE

Affected Products

Vendor	Product	Versions
Udev Project	Udev	< 141
Suse	Linux Enterprise Debuginfo	10
Opensuse	Opensuse	10.3
Suse	Linux Enterprise Desktop	10
Suse	Linux Enterprise Server	10
Debian	Debian Linux	4.0
Canonical	Ubuntu Linux	6.06
Fedoraproject	Fedora	9
Juniper	Ctpview	< 7.1

Related Weaknesses (CWE)

CWE-346

References

http://git.kernel.org/?p=linux/hotplug/udev.git%3Ba=commitdiff%3Bh=e2b362d9f23d4
http://git.kernel.org/?p=linux/hotplug/udev.git%3Ba=commitdiff%3Bh=e86a923d508c2
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691Third Party Advisory
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00006.htmlMailing ListThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00012.htmlMailing ListThird Party Advisory
http://lists.vmware.com/pipermail/security-announce/2009/000060.htmlThird Party Advisory
http://secunia.com/advisories/34731Not Applicable
http://secunia.com/advisories/34750Not Applicable
http://secunia.com/advisories/34753Not Applicable
http://secunia.com/advisories/34771Not Applicable
http://secunia.com/advisories/34776Not Applicable
http://secunia.com/advisories/34785Not Applicable
http://secunia.com/advisories/34787Not Applicable
http://secunia.com/advisories/34801Not Applicable

FAQ

What is CVE-2009-1185?

CVE-2009-1185 is a vulnerability with a CVSS score of 7.2 (HIGH). udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space.

How severe is CVE-2009-1185?

CVE-2009-1185 has been rated HIGH with a CVSS base score of 7.2/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2009-1185?

Check the references section above for vendor advisories and patch information. Affected products include: Udev Project Udev, Suse Linux Enterprise Debuginfo, Opensuse Opensuse, Suse Linux Enterprise Desktop, Suse Linux Enterprise Server.