ESX Service Console updates for udev, sudo, and curl

2009-07-10T00:00:00
ID VMSA-2009-0009
Type vmware
Reporter VMware
Modified 2009-07-10T00:00:00

Description

a. Service Console package udev
A vulnerability in the udev program did not verify whether a NETLINK
message originates from kernel space, which allows local users to
gain privileges by sending a NETLINK message from user space.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-1185 to this issue.
Please see <http://kb.vmware.com/kb/1011786> for details.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.