udev Netlink Message Validation Local Privilege Escalation Vulnerability

2009-04-15T00:00:00
ID SMNTC-34536
Type symantec
Reporter Symantec Security Response
Modified 2009-04-15T00:00:00

Description

Description

The 'udev' Linux application is prone to a local privilege-escalation vulnerability because it fails to properly handle netlink messages. Local attackers may exploit this issue to gain elevated privileges, which may lead to a complete compromise of the system. Versions prior to udev 141 are vulnerable.

Technologies Affected

  • Debian Linux 4.0
  • Debian Linux 4.0 Alpha
  • Debian Linux 4.0 Amd64
  • Debian Linux 4.0 Arm
  • Debian Linux 4.0 Armel
  • Debian Linux 4.0 Hppa
  • Debian Linux 4.0 Ia-32
  • Debian Linux 4.0 Ia-64
  • Debian Linux 4.0 M68k
  • Debian Linux 4.0 Mips
  • Debian Linux 4.0 Mipsel
  • Debian Linux 4.0 Powerpc
  • Debian Linux 4.0 S/390
  • Debian Linux 4.0 Sparc
  • Debian Linux 5.0
  • Debian Linux 5.0 Alpha
  • Debian Linux 5.0 Amd64
  • Debian Linux 5.0 Arm
  • Debian Linux 5.0 Armel
  • Debian Linux 5.0 Hppa
  • Debian Linux 5.0 Ia-32
  • Debian Linux 5.0 Ia-64
  • Debian Linux 5.0 M68k
  • Debian Linux 5.0 Mips
  • Debian Linux 5.0 Mipsel
  • Debian Linux 5.0 Powerpc
  • Debian Linux 5.0 S/390
  • Debian Linux 5.0 Sparc
  • Fedoraproject Fedora 10
  • Fedoraproject Fedora 9
  • Gentoo Linux
  • Mandriva Corporate Server 4.0
  • Mandriva Corporate Server 4.0.0 X86 64
  • Mandriva Linux Mandrake 2008.0
  • Mandriva Linux Mandrake 2008.0 X86 64
  • Mandriva Linux Mandrake 2008.1
  • Mandriva Linux Mandrake 2008.1 X86 64
  • Mandriva Linux Mandrake 2009.0
  • Mandriva Linux Mandrake 2009.0 X86 64
  • Pardus Linux 2008
  • Redhat Enterprise Linux 5 Server
  • Redhat Enterprise Linux Desktop 5 Client
  • Redhat Enterprise Linux Desktop Workstation 5 Client
  • Slackware Linux -Current
  • Slackware Linux 10.2.0
  • Slackware Linux 11.0
  • Slackware Linux 12.0
  • Slackware Linux 12.1
  • Slackware Linux 12.2
  • SuSE SUSE Linux Enterprise 10 SP2 DEBUGINFO
  • SuSE SUSE Linux Enterprise 11
  • SuSE SUSE Linux Enterprise Server 10 SP2
  • SuSE SUSE Linux Enterprise Server 11
  • SuSE SUSE Linux Enterprise Server 11 DEBUGINFO
  • SuSE Suse Linux Enterprise Desktop 10 SP2
  • SuSE Suse Linux Enterprise Desktop 11
  • SuSE openSUSE 10.3
  • SuSE openSUSE 11.0
  • SuSE openSUSE 11.1
  • Ubuntu Ubuntu Linux 6.06 LTS Amd64
  • Ubuntu Ubuntu Linux 6.06 LTS I386
  • Ubuntu Ubuntu Linux 6.06 LTS Powerpc
  • Ubuntu Ubuntu Linux 6.06 LTS Sparc
  • Ubuntu Ubuntu Linux 7.10 Amd64
  • Ubuntu Ubuntu Linux 7.10 I386
  • Ubuntu Ubuntu Linux 7.10 Lpia
  • Ubuntu Ubuntu Linux 7.10 Powerpc
  • Ubuntu Ubuntu Linux 7.10 Sparc
  • Ubuntu Ubuntu Linux 8.04 LTS Amd64
  • Ubuntu Ubuntu Linux 8.04 LTS I386
  • Ubuntu Ubuntu Linux 8.04 LTS Lpia
  • Ubuntu Ubuntu Linux 8.04 LTS Powerpc
  • Ubuntu Ubuntu Linux 8.04 LTS Sparc
  • Ubuntu Ubuntu Linux 8.10 Amd64
  • Ubuntu Ubuntu Linux 8.10 I386
  • Ubuntu Ubuntu Linux 8.10 Lpia
  • Ubuntu Ubuntu Linux 8.10 Powerpc
  • Ubuntu Ubuntu Linux 8.10 Sparc
  • VMWare ESX Server 4.0
  • rPath Appliance Platform Linux Service 1
  • rPath Appliance Platform Linux Service 2
  • rPath rPath Linux 1
  • rPath rPath Linux 2
  • udev udev 124
  • udev udev 140

Recommendations

Audit the system and limit, or remove, access to setuid or setgid utilities.
To limit the impact of latent vulnerabilities, audit computers and remove all setuid privileges on applications that do not require them.

Permit local access for trusted individuals only. Where possible, use restricted environments and restricted shells.
Given the nature of this issue, allow only trusted and accountable individuals to have access to system resources.

Updates are available. Please see the references for more information.