SUSE CVE-2009-0035

🗓️ 15 Feb 2023 06:05:35Reported by Suse CVEType

susecve

susecve🔗 www.suse.com👁 1 Views

ALSA-utils 1.0.19+ allows local users to overwrite files via symlinks in alsa-info scripts.

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2009-0035	9 Nov 201907:38	–	circl
CVE	CVE-2009-0035	9 Nov 201902:02	–	cve
Cvelist	CVE-2009-0035	9 Nov 201902:02	–	cvelist
EUVD	EUVD-2009-0046	7 Oct 202500:30	–	euvd
NVD	CVE-2009-0035	9 Nov 201903:15	–	nvd
OSV	OPENSUSE-SU-2024:10544-1 alsa-1.1.2-2.1 on GA media	15 Jun 202400:00	–	osv
Prion	Code injection	9 Nov 201903:15	–	prion
Positive Technologies	PT-2019-13284 · Jack2 +2 · Jack2 +2	29 Jan 201900:00	–	ptsecurity
UbuntuCve	CVE-2009-0035	9 Nov 201903:15	–	ubuntucve

OS	OS Version	Architecture	Package	Package Version	Filename
SUSE Linux Enterprise Desktop	12	any	alsa	1.0.27.2-11.10	alsa-1.0.27.2-11.10.noarch.rpm
SUSE Linux Enterprise Desktop	12.1	any	alsa	1.0.27.2-11.10	alsa-1.0.27.2-11.10.noarch.rpm
SUSE Linux Enterprise Desktop	12.2	any	alsa	1.0.27.2-11.10	alsa-1.0.27.2-11.10.noarch.rpm
SUSE Linux Enterprise Server	12.1	any	alsa	1.0.27.2-11.10	alsa-1.0.27.2-11.10.noarch.rpm
SUSE Linux Enterprise Server	12	any	alsa	1.0.27.2-11.4	alsa-1.0.27.2-11.4.noarch.rpm
SUSE Linux Enterprise Server	12.2	any	alsa	1.0.27.2-11.4	alsa-1.0.27.2-11.4.noarch.rpm
SUSE Linux Enterprise Desktop	12.3	any	alsa	1.0.27.2-15.1	alsa-1.0.27.2-15.1.noarch.rpm
SUSE Linux Enterprise Desktop	12.4	any	alsa	1.0.27.2-15.1	alsa-1.0.27.2-15.1.noarch.rpm
SUSE Linux Enterprise Server	12.3	any	alsa	1.0.27.2-15.1	alsa-1.0.27.2-15.1.noarch.rpm
SUSE Linux Enterprise Server	12.4	any	alsa	1.0.27.2-15.1	alsa-1.0.27.2-15.1.noarch.rpm

Source	Link
suse	www.suse.com/security/cve/CVE-2009-0035
suse	www.suse.com/support/security/rating/
bugzilla	www.bugzilla.suse.com/533396

01 Jan 2026 03:11Current

6.7Medium risk

Vulners AI Score6.7

CVSS 3.15.5

EPSS0.00181

alsa-utils symlink attack arbitrary file overwrite