2.1
CVE-2009-1186
- EPSS 0.09%
- Published 17.04.2009 14:30:00
- Last modified 09.04.2025 00:30:58
- Source secalert@redhat.com
Buffer overflow in the util_path_encode function in udev/lib/libudev-util.c in udev before 1.4.1 allows local users to cause a denial of service (service outage) via vectors that trigger a call with crafted arguments.
Data is provided by the National Vulnerability Database (NVD)
Udev Project ≫ Udev Version < 141
Suse ≫ Linux Enterprise Debuginfo Version 10 Update sp2
Suse ≫ Linux Enterprise Debuginfo Version 11 Update -
Suse ≫ Linux Enterprise Desktop Version 10 Update sp2
Suse ≫ Linux Enterprise Desktop Version 11 Update -
Suse ≫ Linux Enterprise Server Version 10 Update sp2
Suse ≫ Linux Enterprise Server Version 11 Update -
Debian ≫ Debian Linux Version 4.0
Debian ≫ Debian Linux Version 5.0
Canonical ≫ Ubuntu Linux Version 6.06
Canonical ≫ Ubuntu Linux Version 7.10
Canonical ≫ Ubuntu Linux Version 8.04 SwEdition -
Canonical ≫ Ubuntu Linux Version 8.10
Fedoraproject ≫ Fedora Version 9
Fedoraproject ≫ Fedora Version 10
No CISA KEV or CERT.AT warning was found for this CVE.
Type | Source | Score | Percentile |
---|---|---|---|
EPSS | FIRST.org | 0.09% | 0.258 |
Source | Base Score | Exploit Score | Impact Score | Vector string |
---|---|---|---|---|
nvd@nist.gov | 2.1 | 3.9 | 2.9 | AV:L/AC:L/Au:N/C:N/I:N/A:P |
CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')
The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.