udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space.

CPENameOperatorVersion
androidlt1.0-2.3.4

CPE	Name	Operator	Version
	android	lt	1.0-2.3.4

References

c-skills.blogspot.co.uk/2010/07/android-trickery.html

android.googlesource.com/platform/system/netd/+/79b579c92afc08ab12c0a5788d61f2dd2934836f

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1185

canvas 1

openvas 36

nessus 20

packetstorm 2

seebug 2

myhack58 2

oraclelinux 1

veracode 1

cve 1

ubuntucve 1

prion 1

redhat 1

exploitpack 1

centos 1

exploitdb 1

suse 2

osv 1

securityvulns 2

ubuntu 1

fedora 2

debian 1

slackware 1

gentoo 1

vmware 1

kitploit 2

canvas

Immunity Canvas: UDEVD

2009-04-17 14:30:00

openvas

Mandrake Security Advisory MDVSA-2009:104 (udev)

2009-05-05 00:00:00

SLES10: Security update for udev

2009-10-13 00:00:00

RedHat Security Advisory RHSA-2009:0427

2009-04-20 00:00:00

nessus

Oracle Linux 5 : udev (ELSA-2009-0427)

2013-07-12 00:00:00

OracleVM 2.1 : udev (OVMSA-2009-0006)

2014-11-26 00:00:00

SuSE 10 Security Update : udev (ZYPP Patch Number 6203)

2009-09-24 00:00:00

packetstorm

Linux udev Netlink Local Privilege Escalation

2012-09-14 00:00:00

Linux 2.6 Kernel UDEV Exploit

2009-04-20 00:00:00

seebug

Linux Kernel 2.6 UDEV < 141 Local Privilege Escalation Exploit

2009-05-01 00:00:00

Linux Kernel 2.6 UDEV < 141 - Local Privilege Escalation Exploit

2014-07-01 00:00:00

myhack58

linux udev permissions vulnerability testing methods-vulnerability warning-the black bar safety net

2009-08-06 00:00:00

Linux udev local vulnerabilities to elevate privileges.-vulnerability warning-the black bar safety net

2009-05-13 00:00:00

oraclelinux

udev security update

2009-04-16 00:00:00

veracode

Privilege Escalation

2020-04-10 00:37:54

cve

CVE-2009-1185

2009-04-17 14:30:00

ubuntucve

CVE-2009-1185

2009-04-17 00:00:00

prion

Design/Logic Flaw

2009-04-17 14:30:00

redhat

(RHSA-2009:0427) Important: udev security update

2009-04-16 00:00:00

exploitpack

Linux Kernel 2.6 (Gentoo Ubuntu 8.109.04) UDEV 1.4.1 - Local Privilege Escalation (2)

2009-04-30 00:00:00

centos

libvolume_id, udev security update

2009-04-20 10:22:21

exploitdb

Linux Kernel 2.6 (Gentoo / Ubuntu 8.10/9.04) UDEV < 1.4.1 - Local Privilege Escalation (2)

2009-04-30 00:00:00

suse

local privilege escalation in udev

2009-04-16 18:02:22

remote code execution in glib2

2009-04-24 15:02:34

osv

udev - privilege escalation

2009-04-16 00:00:00

securityvulns

[SECURITY] [DSA 1772-1] New udev packages fix privilege escalation

2009-04-17 00:00:00

udev multiple security vulnerabilities

2009-04-19 00:00:00

ubuntu

udev vulnerabilities

2009-04-15 00:00:00

fedora

[SECURITY] Fedora 9 Update: udev-124-4.fc9

2009-04-16 16:54:24

[SECURITY] Fedora 10 Update: udev-127-5.fc10

2009-04-16 16:54:34

debian

[SECURITY] [DSA 1772-1] New udev packages fix privilege escalation

2009-04-16 10:30:59

slackware

udev

2009-04-20 22:36:50

gentoo

udev: Multiple vulnerabilities

2009-04-18 00:00:00

vmware

ESX Service Console updates for udev, sudo, and curl

2009-07-10 00:00:00

kitploit

Kernelpop - Kernel Privilege Escalation Enumeration And Exploitation Framework

2017-11-04 13:30:00

[Linux Exploit Suggester] Grab the Linux Operating Systems release version, and return a suggestive list of possible exploits

2013-08-29 00:48:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

JSON

Related for ANDROID:EXPLOID_UDEV