Paketname
udev
Datum
2009-04-30
Advisory ID
MDVSA-2009:103
Betroffene Versionen
2009.0 x86_64 , 2009.0 i586 , 2008.1 x86_64 , 2008.1 i586

Problembeschreibung

Security vulnerabilities have been identified and fixed in udev.

udev before 1.4.1 does not verify whether a NETLINK message originates
from kernel space, which allows local users to gain privileges by
sending a NETLINK message from user space (CVE-2009-1185).

Buffer overflow in the util_path_encode function in
udev/lib/libudev-util.c in udev before 1.4.1 allows local users to
cause a denial of service (service outage) via vectors that trigger
a call with crafted arguments (CVE-2009-1186).

The updated packages have been patched to prevent this.

Aktualisierte Pakete

2009.0 x86_64

 20e923c0f97863cd3d6772d4a81b33c4  2009.0/x86_64/lib64udev0-128-2.2mnb2.x86_64.rpm
 ca3cbf864036c78eb21ad8ca1e8a02a6  2009.0/x86_64/lib64udev0-devel-128-2.2mnb2.x86_64.rpm
 82d36efadd1b53f1e07e06d69252d1b0  2009.0/x86_64/lib64volume_id1-128-2.2mnb2.x86_64.rpm
 71e108a5a734615778c9162e4eebfab1  2009.0/x86_64/lib64volume_id1-devel-128-2.2mnb2.x86_64.rpm
 c351a3350e63d8632c7973f116fb4af6  2009.0/x86_64/udev-128-2.2mnb2.x86_64.rpm
 c46fe7e4657d61e29a9ec7c0a382c043  2009.0/x86_64/udev-doc-128-2.2mnb2.x86_64.rpm 
 41c5db8650775842770f28e74d088c94  2009.0/SRPMS/udev-128-2.2mnb2.src.rpm

2009.0 i586

 5a0054d8b64bf0df26f911ad00fd22b0  2009.0/i586/libudev0-128-2.2mnb2.i586.rpm
 86613d49ae237533b1e41a9a4eaa0b20  2009.0/i586/libudev0-devel-128-2.2mnb2.i586.rpm
 d6bf9400a3a06868e33df323419aeb68  2009.0/i586/libvolume_id1-128-2.2mnb2.i586.rpm
 eabb4c164276e47f7ec7def937e16d85  2009.0/i586/libvolume_id1-devel-128-2.2mnb2.i586.rpm
 8061e4fd197d274375e7ff9b9241c0be  2009.0/i586/udev-128-2.2mnb2.i586.rpm
 3a0b39c6dc1ff7f4e016ad4cc60ae0b2  2009.0/i586/udev-doc-128-2.2mnb2.i586.rpm 
 41c5db8650775842770f28e74d088c94  2009.0/SRPMS/udev-128-2.2mnb2.src.rpm

2008.1 x86_64

 5015356cc3ac713989679be1336e4d4e  2008.1/x86_64/lib64volume_id0-118-6.3mnb1.x86_64.rpm
 77774d7a9223fb9327eb44d3fd44acd8  2008.1/x86_64/lib64volume_id0-devel-118-6.3mnb1.x86_64.rpm
 26d3a29af7e915f5458499e1951340d3  2008.1/x86_64/udev-118-6.3mnb1.x86_64.rpm
 96fa3e1930f938c78deea6e8c84deffd  2008.1/x86_64/udev-doc-118-6.3mnb1.x86_64.rpm
 bd9ca0a226c45994ce7f4c9df22a4a54  2008.1/x86_64/udev-tools-118-6.3mnb1.x86_64.rpm 
 f4c40f58ee82008a5cb0518868aaee1c  2008.1/SRPMS/udev-118-6.3mnb1.src.rpm

2008.1 i586

 354c03adf70b476d5b049d10b497fc71  2008.1/i586/libvolume_id0-118-6.3mnb1.i586.rpm
 f9c19345cade16788dd8db2c5d28d690  2008.1/i586/libvolume_id0-devel-118-6.3mnb1.i586.rpm
 e46f08af64f99aef62a69972252487bf  2008.1/i586/udev-118-6.3mnb1.i586.rpm
 8e73a6e6269a00738faae563c405bfab  2008.1/i586/udev-doc-118-6.3mnb1.i586.rpm
 41d335547cc29f2fd6ef20508b54a6b2  2008.1/i586/udev-tools-118-6.3mnb1.i586.rpm 
 f4c40f58ee82008a5cb0518868aaee1c  2008.1/SRPMS/udev-118-6.3mnb1.src.rpm

Referenzen