2.1
CVE-2009-1186
- EPSS 0.54%
- Veröffentlicht 17.04.2009 14:30:00
- Zuletzt bearbeitet 16.06.2026 23:06:41
- Quelle secalert@redhat.com
- CVE-Watchlists
- Unerledigt
Buffer overflow in the util_path_encode function in udev/lib/libudev-util.c in udev before 1.4.1 allows local users to cause a denial of service (service outage) via vectors that trigger a call with crafted arguments.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Udev Project ≫ Udev Version < 141
Suse ≫ Linux Enterprise Debuginfo Version10 Updatesp2
Suse ≫ Linux Enterprise Debuginfo Version11 Update-
Suse ≫ Linux Enterprise Desktop Version10 Updatesp2
Suse ≫ Linux Enterprise Desktop Version11 Update-
Suse ≫ Linux Enterprise Server Version10 Updatesp2
Suse ≫ Linux Enterprise Server Version11 Update-
Debian ≫ Debian Linux Version4.0
Debian ≫ Debian Linux Version5.0
Canonical ≫ Ubuntu Linux Version6.06
Canonical ≫ Ubuntu Linux Version7.10
Canonical ≫ Ubuntu Linux Version8.04 SwEdition-
Canonical ≫ Ubuntu Linux Version8.10
Fedoraproject ≫ Fedora Version9
Fedoraproject ≫ Fedora Version10
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.54% | 0.41 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 2.1 | 3.9 | 2.9 |
AV:L/AC:L/Au:N/C:N/I:N/A:P
|
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer.
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00006.html
http://secunia.com/advisories/34731
http://secunia.com/advisories/34750
http://secunia.com/advisories/34753
http://secunia.com/advisories/34771
http://secunia.com/advisories/34776
http://secunia.com/advisories/34785
http://secunia.com/advisories/34787
http://secunia.com/advisories/34801
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.446399
http://wiki.rpath.com/Advisories:rPSA-2009-0063
http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0063
http://www.debian.org/security/2009/dsa-1772
http://www.gentoo.org/security/en/glsa/glsa-200904-18.xml
http://www.mandriva.com/security/advisories?name=MDVSA-2009:103
http://www.securityfocus.com/archive/1/502752/100/0/threaded
http://www.ubuntu.com/usn/usn-758-1
http://www.vupen.com/english/advisories/2009/1053
https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00462.html
https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00463.html
http://git.kernel.org/?p=linux/hotplug/udev.git%3Ba=commitdiff%3Bh=662c3110803bd8c1aedacc36788e6fd028944314
http://www.securityfocus.com/bid/34539
http://www.securitytracker.com/id?1022068
https://bugzilla.redhat.com/show_bug.cgi?id=495052
https://launchpad.net/bugs/cve/2009-1186