Attacker Value
Unknown
(0 users assessed)
Exploitability
Unknown
(0 users assessed)
User Interaction
Unknown
Privileges Required
Unknown
Attack Vector
Unknown
0

CVE-2009-1185

Disclosure Date: April 17, 2009
CVE-2009-1185
Add MITRE ATT&CK tactics and techniques that apply to this CVE.

Description

udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space.

Add Assessment

No one has assessed this topic. Be the first to add your voice to the community.

CVSS V3 Severity and Metrics
Base Score:
None
Impact Score:
Unknown
Exploitability Score:
Unknown
Vector:
Unknown
Attack Vector (AV):
Unknown
Attack Complexity (AC):
Unknown
Privileges Required (PR):
Unknown
User Interaction (UI):
Unknown
Scope (S):
Unknown
Confidentiality (C):
Unknown
Integrity (I):
Unknown
Availability (A):
Unknown

General Information

Offensive Application
Unknown
Utility Class
Unknown
Ports
Unknown
OS
Unknown
Vulnerable Versions
n/a
Prerequisites
Unknown
Discovered By
Unknown
PoC Author
Unknown
Metasploit Module
exploit/linux/local/udev_netlink
Reporter
Unknown

Vendors

  • canonical,
  • debian,
  • fedoraproject,
  • juniper,
  • opensuse,
  • suse,
  • udev project

Products

  • ctpview,
  • ctpview 7.1,
  • ctpview 7.2,
  • debian linux 4.0,
  • debian linux 5.0,
  • fedora 10,
  • fedora 9,
  • linux enterprise debuginfo 10,
  • linux enterprise debuginfo 11,
  • linux enterprise desktop 10,
  • linux enterprise desktop 11,
  • linux enterprise server 10,
  • linux enterprise server 11,
  • opensuse 10.3,
  • opensuse 11.0,
  • opensuse 11.1,
  • ubuntu linux 6.06,
  • ubuntu linux 7.10,
  • ubuntu linux 8.04,
  • ubuntu linux 8.10,
  • udev

References

Canonical
CVE-2009-1185 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1185)
BID-34536 (http://www.securityfocus.com/bid/34536)
Advisory
20090417 rPSA-2009-0063-1 udev (http://www.securityfocus.com/archive/1/502752/100/0/threaded)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5975
SECUNIA-34801 (http://secunia.com/advisories/34801)
SECUNIA-35766 (http://secunia.com/advisories/35766)
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00006.html
http://www.mandriva.com/security/advisories?name=MDVSA-2009:104
FEDORA-2009-3712 (https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00462.html)
DSA-1772 (http://www.debian.org/security/2009/dsa-1772)
GLSA-200904-18 (http://www.gentoo.org/security/en/glsa/glsa-200904-18.xml)
ADV-2009-1865 (http://www.vupen.com/english/advisories/2009/1865)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10925
SECTRACK-1022067 (http://www.securitytracker.com/id?1022067)
http://git.kernel.org?p=linux/hotplug/udev.git;a=commitdiff;h=e2b362d9f23d4c63018709ab5f81a02f72b91e75
http://www.redhat.com/support/errata/RHSA-2009-0427.html
http://www.mandriva.com/security/advisories?name=MDVSA-2009:103
SECUNIA-34776 (http://secunia.com/advisories/34776)
SECUNIA-34731 (http://secunia.com/advisories/34731)
[Security-announce] 20090710 VMSA-2009-0009 ESX Service Console updates for udev, sudo, and curl (http://lists.vmware.com/pipermail/security-announce/2009/000060.html)
SECUNIA-34753 (http://secunia.com/advisories/34753)
SECUNIA-34785 (http://secunia.com/advisories/34785)
SECUNIA-34787 (http://secunia.com/advisories/34787)
FEDORA-2009-3711 (https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00463.html)
ADV-2009-1053 (http://www.vupen.com/english/advisories/2009/1053)
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00012.html
USN-758-1 (http://www.ubuntu.com/usn/usn-758-1)
http://git.kernel.org?p=linux/hotplug/udev.git;a=commitdiff;h=e86a923d508c2aed371cdd958ce82489cf2ab615
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691
SECUNIA-34771 (http://secunia.com/advisories/34771)
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10705
20090711 VMSA-2009-0009 ESX Service Console updates for udev, sudo, and curl (http://www.securityfocus.com/archive/1/504849/100/0/threaded)
SECUNIA-34750 (http://secunia.com/advisories/34750)
http://wiki.rpath.com/Advisories:rPSA-2009-0063
http://www.vmware.com/security/advisories/VMSA-2009-0009.html
https://bugzilla.redhat.com/show_bug.cgi?id=495051
EXPLOIT-DB-8572 (https://www.exploit-db.com/exploits/8572)
Miscellaneous
http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0063
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.446399
https://launchpad.net/bugs/cve/2009-1185
http://git.kernel.org/?p=linux/hotplug/udev.git%3Ba=commitdiff%3Bh=e2b362d9f23d4c63018709ab5f81a02f72b91e75
http://git.kernel.org/?p=linux/hotplug/udev.git%3Ba=commitdiff%3Bh=e86a923d508c2aed371cdd958ce82489cf2ab615
https://access.redhat.com/errata/RHSA-2009:0427
https://access.redhat.com/security/cve/CVE-2009-1185

Additional Info

Authenticated
Unknown
Exploitable
Unknown
Reliability
Unknown
Stability
Unknown
Available Mitigations
Unknown
Shelf Life
Unknown
Userbase/Installbase
Unknown
Patch Effectiveness
Unknown
Technical Analysis