2 matches found
CVE-2009-1185
CVE-2009-1185 affects udev before 1.4.1, which does not verify NETLINK message origin from kernel space, enabling a local user to gain privileges by sending a crafted NETLINK message. Public references show PoC/exploit activity (e.g., Metasploit module, Exploit-DB entries) and multiple advisories...
CVE-2009-1186
CVE-2009-1186 affects udev prior to version 1.4.1, where a buffer overflow in util_path_encode in udev/lib/libudev-util.c can be triggered by crafted arguments, enabling a local denial of service. Public reports tie this with the same issue as CVE-2009-1185/1186; multiple advisories (Mandriva, Ma...