udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-346,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| opensuse | opensuse | 11.0 |
| suse | linux_enterprise_desktop | 11 |
| canonical | ubuntu_linux | 6.06 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 8.04 |
| juniper | ctpview | 7.1 |
| canonical | ubuntu_linux | 7.10 |
| udev_project | udev | * |
| juniper | ctpview | * |
| suse | linux_enterprise_debuginfo | 10 |
| debian | debian_linux | 5.0 |
| suse | linux_enterprise_server | 10 |
| juniper | ctpview | 7.2 |
| canonical | ubuntu_linux | 8.10 |
| opensuse | opensuse | 10.3 |
| fedoraproject | fedora | 9 |
| opensuse | opensuse | 11.1 |
| debian | debian_linux | 4.0 |
| suse | linux_enterprise_debuginfo | 11 |
| suse | linux_enterprise_server | 11 |
| fedoraproject | fedora | 10 |
Buffer overflow in the util_path_encode function in udev/lib/libudev-util.c in udev before 1.4.1 allows local users to cause a denial of service (service outage) via vectors that trigger a call with crafted arguments.
CVSS 2.0
Severity: LOW
Problem Type: CWE-120,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| opensuse | opensuse | 11.0 |
| suse | linux_enterprise_desktop | 11 |
| canonical | ubuntu_linux | 6.06 |
| suse | linux_enterprise_desktop | 10 |
| canonical | ubuntu_linux | 8.04 |
| canonical | ubuntu_linux | 7.10 |
| udev_project | udev | * |
| suse | linux_enterprise_debuginfo | 10 |
| debian | debian_linux | 5.0 |
| suse | linux_enterprise_server | 10 |
| canonical | ubuntu_linux | 8.10 |
| opensuse | opensuse | 10.3 |
| fedoraproject | fedora | 9 |
| opensuse | opensuse | 11.1 |
| debian | debian_linux | 4.0 |
| suse | linux_enterprise_debuginfo | 11 |
| suse | linux_enterprise_server | 11 |
| fedoraproject | fedora | 10 |
plymouth-pretrigger.sh in dracut and udev, when running on Fedora 13 and 14, sets weak permissions for the /dev/systty device file, which allows remote authenticated users to read terminal data from tty0 for local users.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-276,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| dracut_project | dracut | - |
| udev_project | udev | - |
The default configuration of udev on Linux does not warn the user before enabling additional Human Interface Device (HID) functionality over USB, which allows user-assisted attackers to execute arbitrary programs via crafted USB data, as demonstrated by keyboard and mouse data sent by malware on a smartphone that the user connected to the computer.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| udev_project | udev | - |