CVE-2009-1185

Publication date 17 April 2009

Last updated 24 July 2024

udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space.

Status

Show unmaintained releases

Package	Ubuntu Release	Status
udev	8.10 intrepid	Fixed 124-9ubuntu0.2
	8.04 LTS hardy	Fixed 117-8ubuntu0.2
	7.10 gutsy	Fixed 113-0ubuntu17.2
	6.06 LTS dapper	Fixed 079-0ubuntu35.1

How can I get the fixes?
What do statuses mean?

References

MITRE
NVD
Launchpad
Debian

Related Ubuntu Security Notices (USN)

USN-758-1
udev vulnerabilities
15 April 2009

Other references

https://www.cve.org/CVERecord?id=CVE-2009-1185