Executive Summary
Summary | |
---|---|
Title | udev security update |
Information | |||
---|---|---|---|
Name | RHSA-2009:0427 | First vendor Publication | 2009-04-16 |
Vendor | RedHat | Last vendor Modification | 2009-04-16 |
Severity (Vendor) | Important | Revision | 01 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
Impact SubScore | NA | Temporal Score | NA |
Exploitability Sub Score | NA | ||
Security-Database Scoring CVSS v2
Cvss vector : (AV:L/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 7.2 | Attack Range | Local |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Exploit Score | 3.9 | Authentication | None Required |
Detail
Problem Description:

Updated udev packages that fix one security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64
Red Hat Enterprise Linux Desktop (v. 5 client) - i386, x86_64

3. Description:

udev provides a user-space API and implements a dynamic device directory, providing only the devices present on the system. udev replaces devfs in order to provide greater hot plug functionality. Netlink is a datagram oriented service, used to transfer information between kernel modules and user-space processes.

It was discovered that udev did not properly check the origin of Netlink messages. A local attacker could use this flaw to gain root privileges via a crafted Netlink message sent to udev, causing it to create a world-writable block device file for an existing system block device (for example, the root file system). (CVE-2009-1185)

Red Hat would like to thank Sebastian Krahmer of the SUSE Security Team for responsibly reporting this flaw.

Users of udev are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the update, the udevd daemon will be restarted automatically.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at http://kbase.redhat.com/faq/docs/DOC-11259

5. Bugs fixed (http://bugzilla.redhat.com/):

495051 - CVE-2009-1185 udev: Uncheck origin of NETLINK messages
Original Source
Url : https://rhn.redhat.com/errata/RHSA-2009-0427.html |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-346 | Origin Validation Error |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:10925 | |||
Oval ID: | oval:org.mitre.oval:def:10925 | ||
Title: | udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space. | ||
Description: | udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-1185 | Version: | 5 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 Oracle Linux 5 | Product(s): | |
Definition Id: oval:org.mitre.oval:def:22746 | |||
Oval ID: | oval:org.mitre.oval:def:22746 | ||
Title: | ELSA-2009:0427: udev security update (Important) | ||
Description: | udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space. | ||
Family: | unix | Class: | patch |
Reference(s): | ELSA-2009:0427-01 CVE-2009-1185 | Version: | 6 |
Platform(s): | Oracle Linux 5 | Product(s): | udev |
Definition Id: oval:org.mitre.oval:def:28703 | |||
Oval ID: | oval:org.mitre.oval:def:28703 | ||
Title: | RHSA-2009:0427 -- udev security update (Important) | ||
Description: | Updated udev packages that fix one security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. udev provides a user-space API and implements a dynamic device directory, providing only the devices present on the system. udev replaces devfs in order to provide greater hot plug functionality. Netlink is a datagram oriented service, used to transfer information between kernel modules and user-space processes. It was discovered that udev did not properly check the origin of Netlink messages. A local attacker could use this flaw to gain root privileges via a crafted Netlink message sent to udev, causing it to create a world-writable block device file for an existing system block device (for example, the root file system). (CVE-2009-1185) | ||
Family: | unix | Class: | patch |
Reference(s): | RHSA-2009:0427 CESA-2009:0427-CentOS 5 CVE-2009-1185 | Version: | 3 |
Platform(s): | Red Hat Enterprise Linux 5 CentOS Linux 5 | Product(s): | udev |
Definition Id: oval:org.mitre.oval:def:5975 | |||
Oval ID: | oval:org.mitre.oval:def:5975 | ||
Title: | udev Netlink Message Validation Local Privilege Escalation Vulnerability | ||
Description: | udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space. | ||
Family: | unix | Class: | vulnerability |
Reference(s): | CVE-2009-1185 | Version: | 5 |
Platform(s): | VMWare ESX Server 4.0 | Product(s): | |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 4 | |
Application | 2 | |
Application | 2 | |
Os | 4 | |
Os | 2 | |
Os | 2 | |
Os | 3 | |
Os | 2 | |
Os | 2 |
ExploitDB Exploits
id | Description |
---|---|
2009-04-30 | Linux Kernel 2.6 UDEV < 141 - Local Privilege Escalation Exploit |
OpenVAS Exploits
Date | Description |
---|---|
2011-08-09 | Name : CentOS Update for libvolume_id-095 CESA-2009:0427 centos5 i386 File : nvt/gb_CESA-2009_0427_libvolume_id-095_centos5_i386.nasl |
2009-12-10 | Name : Mandriva Security Advisory MDVSA-2009:103-1 (udev) File : nvt/mdksa_2009_103_1.nasl |
2009-10-13 | Name : SLES10: Security update for udev File : nvt/sles10_udev0.nasl |
2009-10-13 | Name : SLES10: Security update for udev File : nvt/sles10_udev.nasl |
2009-10-11 | Name : SLES11: Security update for udev File : nvt/sles11_libvolume_id1.nasl |
2009-07-29 | Name : Ubuntu USN-802-1 (apache2) File : nvt/ubuntu_802_1.nasl |
2009-07-29 | Name : Ubuntu USN-801-1 (tiff) File : nvt/ubuntu_801_1.nasl |
2009-07-29 | Name : Ubuntu USN-799-1 (dbus) File : nvt/ubuntu_799_1.nasl |
2009-05-05 | Name : Mandrake Security Advisory MDVSA-2009:103 (udev) File : nvt/mdksa_2009_103.nasl |
2009-05-05 | Name : Mandrake Security Advisory MDVSA-2009:104 (udev) File : nvt/mdksa_2009_104.nasl |
2009-04-20 | Name : Gentoo Security Advisory GLSA 200904-18 (udev) File : nvt/glsa_200904_18.nasl |
2009-04-20 | Name : Fedora Core 9 FEDORA-2009-3712 (udev) File : nvt/fcore_2009_3712.nasl |
2009-04-20 | Name : Fedora Core 10 FEDORA-2009-3711 (udev) File : nvt/fcore_2009_3711.nasl |
2009-04-20 | Name : SuSE Security Advisory SUSE-SA:2009:020 (udev) File : nvt/suse_sa_2009_020.nasl |
2009-04-20 | Name : Ubuntu USN-757-1 (gs-gpl) File : nvt/ubuntu_757_1.nasl |
2009-04-20 | Name : Ubuntu USN-758-1 (udev) File : nvt/ubuntu_758_1.nasl |
2009-04-20 | Name : Ubuntu USN-759-1 (poppler) File : nvt/ubuntu_759_1.nasl |
2009-04-20 | Name : Debian Security Advisory DSA 1772-1 (udev) File : nvt/deb_1772_1.nasl |
2009-04-20 | Name : RedHat Security Advisory RHSA-2009:0427 File : nvt/RHSA_2009_0427.nasl |
0000-00-00 | Name : Slackware Advisory SSA:2009-111-01 udev File : nvt/esoft_slk_ssa_2009_111_01.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
53810 | udev User Space NETLINK Message Local Privilege Escalation |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2015-07-16 | IAVM : 2015-A-0150 - Multiple Security Vulnerabilities in Juniper Networks CTPView Severity : Category I - VMSKEY : V0061073 |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2016-03-03 | Name : The remote host is missing a security-related patch. File : vmware_VMSA-2009-0009_remote.nasl - Type : ACT_GATHER_INFO |
2014-11-26 | Name : The remote OracleVM host is missing one or more security updates. File : oraclevm_OVMSA-2009-0006.nasl - Type : ACT_GATHER_INFO |
2013-07-12 | Name : The remote Oracle Linux host is missing one or more security updates. File : oraclelinux_ELSA-2009-0427.nasl - Type : ACT_GATHER_INFO |
2012-08-01 | Name : The remote Scientific Linux host is missing one or more security updates. File : sl_20090416_udev_on_SL5_x.nasl - Type : ACT_GATHER_INFO |
2011-02-17 | Name : The remote VMware ESX host is missing one or more security-related patches. File : vmware_VMSA-2009-0009.nasl - Type : ACT_GATHER_INFO |
2010-01-06 | Name : The remote CentOS host is missing one or more security updates. File : centos_RHSA-2009-0427.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 11 host is missing one or more security updates. File : suse_11_libudev-devel-090414.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_udev-6153.nasl - Type : ACT_GATHER_INFO |
2009-09-24 | Name : The remote SuSE 10 host is missing a security-related patch. File : suse_udev-6203.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_0_libudev-devel-090414.nasl - Type : ACT_GATHER_INFO |
2009-07-21 | Name : The remote openSUSE host is missing a security update. File : suse_11_1_libudev-devel-090414.nasl - Type : ACT_GATHER_INFO |
2009-05-01 | Name : The remote Mandriva Linux host is missing one or more security updates. File : mandriva_MDVSA-2009-103.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Ubuntu host is missing one or more security-related patches. File : ubuntu_USN-758-1.nasl - Type : ACT_GATHER_INFO |
2009-04-23 | Name : The remote Fedora host is missing a security update. File : fedora_2009-3711.nasl - Type : ACT_GATHER_INFO |
2009-04-21 | Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200904-18.nasl - Type : ACT_GATHER_INFO |
2009-04-21 | Name : The remote Slackware host is missing a security update. File : Slackware_SSA_2009-111-01.nasl - Type : ACT_GATHER_INFO |
2009-04-17 | Name : The remote Red Hat host is missing one or more security updates. File : redhat-RHSA-2009-0427.nasl - Type : ACT_GATHER_INFO |
2009-04-17 | Name : The remote Fedora host is missing a security update. File : fedora_2009-3712.nasl - Type : ACT_GATHER_INFO |
2009-04-17 | Name : The remote openSUSE host is missing a security update. File : suse_libudev-devel-6158.nasl - Type : ACT_GATHER_INFO |
2009-04-17 | Name : The remote Debian host is missing a security-related update. File : debian_DSA-1772.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Information |
---|---|
2014-02-17 11:52:26 |
|