Download
| Alert*
oval:org.secpod.oval:def:400093
Sebastian Krahmer of SUSE Security identified a problem in udevd with handling of netlink messages. Local attackers could inject netlink messages due to a missing origin check where only the kernel should have been able to and so are able to escalate privileges. CVE-2009-1185 Fixed packages have bee ... oval:org.secpod.oval:def:101368 The udev package contains an implementation of devfs in userspace using sysfs and netlink. oval:org.secpod.oval:def:301230 Security vulnerabilities have been identified and fixed in udev. udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space . Buffer overflow in the util_path_encode function in ud ... oval:org.secpod.oval:def:600333 Sebastian Kramer discovered two vulnerabilities in udev, the /dev and hotplug management daemon. CVE-2009-1185 udev does not check the origin of NETLINK messages, allowing local users to gain root privileges. CVE-2009-1186 udev suffers from a buffer overflow condition in path encoding, potentially a ... oval:org.secpod.oval:def:101431 The udev package contains an implementation of devfs in userspace using sysfs and netlink. oval:org.secpod.oval:def:301207 Security vulnerabilities have been identified and fixed in udev. udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space . Buffer overflow in the util_path_encode function in ud ... oval:org.mitre.oval:def:8217 Sebastian Kramer discovered two vulnerabilities in udev, the /dev and hotplug management daemon. udev does not check the origin of NETLINK messages, allowing local users to gain root privileges. udev suffers from a buffer overflow condition in path encoding, potentially allowing arbitrary code execu ... oval:org.secpod.oval:def:700337 Sebastian Krahmer discovered that udev did not correctly validate netlink message senders. A local attacker could send specially crafted messages to udev in order to gain root privileges. Sebastian Krahmer discovered a buffer overflow in the path encoding routines in udev. A local attacker could ex ... |