Lucene search
K
Udev ProjectUdev

4 matches found

CVE
CVE
added 2009/04/17 2:0 p.m.260 views

CVE-2009-1185

CVE-2009-1185 affects udev before 1.4.1, which does not verify NETLINK message origin from kernel space, enabling a local user to gain privileges by sending a crafted NETLINK message. Public references show PoC/exploit activity (e.g., Metasploit module, Exploit-DB entries) and multiple advisories...

7.2CVSS7.4AI score0.81528EPSS
CVE
CVE
added 2009/04/17 2:0 p.m.97 views

CVE-2009-1186

CVE-2009-1186 affects udev prior to version 1.4.1, where a buffer overflow in util_path_encode in udev/lib/libudev-util.c can be triggered by crafted arguments, enabling a local denial of service. Public reports tie this with the same issue as CVE-2009-1185/1186; multiple advisories (Mandriva, Ma...

2.1CVSS6AI score0.00539EPSS
CVE
CVE
added 2011/01/25 12:0 a.m.71 views

CVE-2011-0640

CVE-2011-0640 concerns the default udev configuration on Linux, which does not warn before enabling HID functionality over USB. This can let user-assisted attackers run arbitrary code via crafted USB input (e.g., keyboard/mouse data from aスマートフォン-connected device), as documented by multiple sourc...

6.9CVSS9.5AI score0.00352EPSS
CVE
CVE
added 2010/12/07 9:0 p.m.57 views

CVE-2010-4176

CVE-2010-4176 describes a permission issue in plymouth-pretrigger.sh used by dracut/udev on Fedora 13 and 14. The script sets weak permissions on the /dev/systty device file, enabling remote authenticated users to read terminal data from tty0 for local users. Connected sources (OSV/OpenVAS/CVE re...

4CVSS8.4AI score0.02323EPSS