Skip to main content

Origin Validation Error

CVE-2009-1185

Severity High
Score 7.2/10

Summary

udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space.

  • LOW
  • LOCAL
  • NONE
  • COMPLETE
  • COMPLETE
  • COMPLETE

CWE-346 - Origin Validation Error

The software does not properly verify that the source of data or communication is valid.

References

Advisory Timeline

  • Published