What is CVE-2009-1185?

CVE-2009-1185 is a vulnerability in N/a. Published 2009-04-17.

Is CVE-2009-1185 known to be exploited?

65 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2009-1185

udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space.

EPSS: 0.895 (99.6th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

References

20090417 rPSA-2009-0063-1 udev (mailing-list, x_refsource_BUGTRAQ)
wiki.rpath.com/wiki/Advisories:rPSA-2009-0063 (x_refsource_MISC)
oval:org.mitre.oval:def:5975 (x_refsource_OVAL, signature, vdb-entry)
34801 (x_refsource_SECUNIA, third-party-advisory)
35766 (x_refsource_SECUNIA, third-party-advisory)
SUSE-SA:2009:020 (vendor-advisory, x_refsource_SUSE)
MDVSA-2009:104 (vendor-advisory, x_refsource_MANDRIVA)
SSA:2009-111-01 (vendor-advisory, x_refsource_SLACKWARE)
FEDORA-2009-3712 (x_refsource_FEDORA, vendor-advisory)
DSA-1772 (vendor-advisory, x_refsource_DEBIAN)

Frequently asked questions

What is CVE-2009-1185?: CVE-2009-1185 is a vulnerability in N/a. Published 2009-04-17.
Is CVE-2009-1185 known to be exploited?: 65 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.