Buffer overflow in the util_path_encode function in udev/lib/libudev-util.c in udev before 1.4.1 allows local users to cause a denial of service (service outage) via vectors that trigger a call with crafted arguments.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
History
21 Nov 2024, 01:01
Type | Values Removed | Values Added |
---|---|---|
References | () http://git.kernel.org/?p=linux/hotplug/udev.git%3Ba=commitdiff%3Bh=662c3110803bd8c1aedacc36788e6fd028944314 - | |
References | () http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00006.html - Mailing List, Third Party Advisory | |
References | () http://secunia.com/advisories/34731 - Not Applicable | |
References | () http://secunia.com/advisories/34750 - Not Applicable | |
References | () http://secunia.com/advisories/34753 - Not Applicable | |
References | () http://secunia.com/advisories/34771 - Not Applicable | |
References | () http://secunia.com/advisories/34776 - Not Applicable | |
References | () http://secunia.com/advisories/34785 - Not Applicable | |
References | () http://secunia.com/advisories/34787 - Not Applicable | |
References | () http://secunia.com/advisories/34801 - Not Applicable | |
References | () http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.446399 - Third Party Advisory | |
References | () http://wiki.rpath.com/Advisories:rPSA-2009-0063 - Broken Link | |
References | () http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0063 - Broken Link | |
References | () http://www.debian.org/security/2009/dsa-1772 - Third Party Advisory | |
References | () http://www.gentoo.org/security/en/glsa/glsa-200904-18.xml - Third Party Advisory | |
References | () http://www.mandriva.com/security/advisories?name=MDVSA-2009:103 - Broken Link | |
References | () http://www.securityfocus.com/archive/1/502752/100/0/threaded - Third Party Advisory, VDB Entry | |
References | () http://www.securityfocus.com/bid/34539 - Third Party Advisory, VDB Entry | |
References | () http://www.securitytracker.com/id?1022068 - Broken Link, Third Party Advisory, VDB Entry | |
References | () http://www.ubuntu.com/usn/usn-758-1 - Third Party Advisory | |
References | () http://www.vupen.com/english/advisories/2009/1053 - Permissions Required | |
References | () https://bugzilla.redhat.com/show_bug.cgi?id=495052 - Issue Tracking, Patch, Third Party Advisory | |
References | () https://launchpad.net/bugs/cve/2009-1186 - Third Party Advisory | |
References | () https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00462.html - Mailing List, Third Party Advisory | |
References | () https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00463.html - Mailing List, Third Party Advisory |
03 Jun 2022, 15:05
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-120 | |
CPE | cpe:2.3:a:kernel:udev:0.9.3:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.1.7:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.7.0:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.4.7:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.6.6:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.2.5:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.9.6:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.0.7:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.2.2:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.2.1:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.1.4:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.2.2:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.1.8:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.1.5:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.2.4:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.5.3:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.6.3:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.2.9:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.1.3:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.1.6:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.4.6:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.9.4:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.8.2:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.3.7:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.8.9:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.1.7:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.7.5:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:*:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.2.3:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.6.5:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.9.0:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.8.5:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.1.2:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.2.8:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.3.4:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.2.1:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.3.6:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.1.0:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.3.3:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.5.2:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.4.9:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.1.1:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.3.3:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.6.2:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.1.6:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.0.6:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.6.9:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.5.7:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.4.3:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.6.1:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.0.3:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.3.7:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.2.8:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.1.3:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.2.9:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.9.2:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.4.5:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.3.1:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.5.1:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.0.8:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.3.9:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.8.3:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.7.8:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.8.7:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.3.1:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.2.6:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.2.5:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.0.5:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.0.7:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.9.7:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.2.7:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.8.6:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.4.4:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.1.9:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.5.0:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.4.2:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.6.8:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.3.2:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.1.5:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.0.2:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.5.9:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.2.3:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.0.1:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.3.8:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.1.2:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.7.3:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.3.6:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.0.8:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.1.1-1:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.8.0:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.5.8:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.2.0:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.0.6:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.4.8:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.3.4:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.6.7:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.0.9-1:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.5.5:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.3.5:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.0.3:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.2.6:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.0.5-1:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.2.7:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.7.6:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.6.0:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.7.1:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.2.0:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.3.0:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.6.4:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.3.8:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.7.4:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.5.6:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.8.4:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.0.4-1:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.7.7:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.1.4:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.7.2:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.0.9:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.9.1:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.4.0:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.0.9:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.5.4:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.1.9:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.0.2:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.8.8:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.3.0:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.7.9:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.0.4:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.2.4:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.0.5:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.9.9:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.9.8:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.0.0:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.1.0-1:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.1.8:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.3.5:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.0.4:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.8.1:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:1.3.9:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.9.5:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.3.2:*:*:*:*:*:*:* cpe:2.3:a:kernel:udev:0.0.8-1:*:*:*:*:*:*:* |
cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:-:*:*:* cpe:2.3:o:suse:linux_enterprise_server:11:-:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:7.10:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:9:*:*:*:*:*:*:* cpe:2.3:a:suse:linux_enterprise_debuginfo:10:sp2:*:*:*:*:*:* cpe:2.3:a:suse:linux_enterprise_debuginfo:11:-:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise_server:10:sp2:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise_desktop:11:-:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:6.06:*:*:*:*:*:*:* cpe:2.3:o:canonical:ubuntu_linux:8.10:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:10:*:*:*:*:*:*:* cpe:2.3:a:udev_project:udev:*:*:*:*:*:*:*:* cpe:2.3:o:opensuse:opensuse:10.3:*:*:*:*:*:*:* cpe:2.3:o:opensuse:opensuse:11.1:*:*:*:*:*:*:* cpe:2.3:o:suse:linux_enterprise_desktop:10:sp2:*:*:*:*:*:* cpe:2.3:o:opensuse:opensuse:11.0:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:* |
References | (UBUNTU) http://www.ubuntu.com/usn/usn-758-1 - Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/34801 - Not Applicable | |
References | (BUGTRAQ) http://www.securityfocus.com/archive/1/502752/100/0/threaded - Third Party Advisory, VDB Entry | |
References | (CONFIRM) http://git.kernel.org/?p=linux/hotplug/udev.git;a=commitdiff;h=662c3110803bd8c1aedacc36788e6fd028944314 - Patch, Third Party Advisory | |
References | (MISC) http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0063 - Broken Link | |
References | (VUPEN) http://www.vupen.com/english/advisories/2009/1053 - Permissions Required | |
References | (DEBIAN) http://www.debian.org/security/2009/dsa-1772 - Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/34731 - Not Applicable | |
References | (BID) http://www.securityfocus.com/bid/34539 - Third Party Advisory, VDB Entry | |
References | (MISC) https://launchpad.net/bugs/cve/2009-1186 - Third Party Advisory | |
References | (SUSE) http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00006.html - Mailing List, Third Party Advisory | |
References | (FEDORA) https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00462.html - Mailing List, Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/34750 - Not Applicable | |
References | (SECUNIA) http://secunia.com/advisories/34771 - Not Applicable | |
References | (CONFIRM) http://wiki.rpath.com/Advisories:rPSA-2009-0063 - Broken Link | |
References | (SECTRACK) http://www.securitytracker.com/id?1022068 - Broken Link, Third Party Advisory, VDB Entry | |
References | (SECUNIA) http://secunia.com/advisories/34753 - Not Applicable | |
References | (SLACKWARE) http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.446399 - Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/34785 - Not Applicable | |
References | (FEDORA) https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00463.html - Mailing List, Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/34776 - Not Applicable | |
References | (CONFIRM) https://bugzilla.redhat.com/show_bug.cgi?id=495052 - Issue Tracking, Patch, Third Party Advisory | |
References | (SECUNIA) http://secunia.com/advisories/34787 - Not Applicable | |
References | (MANDRIVA) http://www.mandriva.com/security/advisories?name=MDVSA-2009:103 - Broken Link | |
References | (GENTOO) http://www.gentoo.org/security/en/glsa/glsa-200904-18.xml - Third Party Advisory |
Information
Published : 2009-04-17 14:30
Updated : 2024-11-21 01:01
NVD link : CVE-2009-1186
Mitre link : CVE-2009-1186
CVE.ORG link : CVE-2009-1186
JSON object : View
Products Affected
fedoraproject
- fedora
suse
- linux_enterprise_server
- linux_enterprise_debuginfo
- linux_enterprise_desktop
canonical
- ubuntu_linux
debian
- debian_linux
opensuse
- opensuse
udev_project
- udev
CWE
CWE-120
Buffer Copy without Checking Size of Input ('Classic Buffer Overflow')