2.1

CVE-2009-1186

Buffer overflow in the util_path_encode function in udev/lib/libudev-util.c in udev before 1.4.1 allows local users to cause a denial of service (service outage) via vectors that trigger a call with crafted arguments.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Udev ProjectUdev Version < 141
SuseLinux Enterprise Debuginfo Version10 Updatesp2
SuseLinux Enterprise Debuginfo Version11 Update-
OpensuseOpensuse Version10.3
OpensuseOpensuse Version11.0
OpensuseOpensuse Version11.1
SuseLinux Enterprise Desktop Version10 Updatesp2
SuseLinux Enterprise Desktop Version11 Update-
SuseLinux Enterprise Server Version10 Updatesp2
SuseLinux Enterprise Server Version11 Update-
DebianDebian Linux Version4.0
DebianDebian Linux Version5.0
CanonicalUbuntu Linux Version6.06
CanonicalUbuntu Linux Version7.10
CanonicalUbuntu Linux Version8.04 SwEdition-
CanonicalUbuntu Linux Version8.10
FedoraprojectFedora Version9
FedoraprojectFedora Version10
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.54% 0.41
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 2.1 3.9 2.9
AV:L/AC:L/Au:N/C:N/I:N/A:P
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')

The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.

http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00006.html
Third Party Advisory
Mailing List
http://secunia.com/advisories/34731
Not Applicable
http://secunia.com/advisories/34750
Not Applicable
http://secunia.com/advisories/34753
Not Applicable
http://secunia.com/advisories/34771
Not Applicable
http://secunia.com/advisories/34776
Not Applicable
http://secunia.com/advisories/34785
Not Applicable
http://secunia.com/advisories/34787
Not Applicable
http://secunia.com/advisories/34801
Not Applicable
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.446399
Third Party Advisory
http://wiki.rpath.com/Advisories:rPSA-2009-0063
Broken Link
http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0063
Broken Link
http://www.debian.org/security/2009/dsa-1772
Third Party Advisory
http://www.gentoo.org/security/en/glsa/glsa-200904-18.xml
Third Party Advisory
http://www.mandriva.com/security/advisories?name=MDVSA-2009:103
Broken Link
http://www.securityfocus.com/archive/1/502752/100/0/threaded
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/usn-758-1
Third Party Advisory
http://www.vupen.com/english/advisories/2009/1053
Permissions Required
https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00462.html
Third Party Advisory
Mailing List
https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00463.html
Third Party Advisory
Mailing List
http://git.kernel.org/?p=linux/hotplug/udev.git%3Ba=commitdiff%3Bh=662c3110803bd8c1aedacc36788e6fd028944314
http://www.securityfocus.com/bid/34539
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id?1022068
Third Party Advisory
Broken Link
VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=495052
Patch
Third Party Advisory
Issue Tracking
https://launchpad.net/bugs/cve/2009-1186
Third Party Advisory