CVE-2009-1186 Detail

CVE-2009-1186

CVE Descriptions

Buffer overflow in the util_path_encode function in udev/lib/libudev-util.c in udev before 1.4.1 allows local users to cause a denial of service (service outage) via vectors that trigger a call with crafted arguments.

CVE Informations

Related Weaknesses

CWE-ID	Weakness Name	Source
CWE-120	Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') The product copies an input buffer to an output buffer without verifying that the size of the input buffer is less than the size of the output buffer, leading to a buffer overflow.

Metrics

Metrics	Score	Severity	CVSS Vector	Source
V2	2.1		AV:L/AC:L/Au:N/C:N/I:N/A:P	[email protected]

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

EPSS First.org

Products Mentioned

Configuraton 0

Udev_project>>Udev >> Version To (excluding) 141

Udev_project>>Udev >> Version - (Open CPE detail)
Udev_project>>Udev >> Version 001 (Open CPE detail)
Udev_project>>Udev >> Version 002 (Open CPE detail)
Udev_project>>Udev >> Version 003 (Open CPE detail)
Udev_project>>Udev >> Version 004 (Open CPE detail)
Udev_project>>Udev >> Version 005 (Open CPE detail)
Udev_project>>Udev >> Version 006 (Open CPE detail)
Udev_project>>Udev >> Version 007 (Open CPE detail)
Udev_project>>Udev >> Version 008 (Open CPE detail)
Udev_project>>Udev >> Version 009 (Open CPE detail)
Udev_project>>Udev >> Version 010 (Open CPE detail)
Udev_project>>Udev >> Version 011 (Open CPE detail)
Udev_project>>Udev >> Version 012 (Open CPE detail)
Udev_project>>Udev >> Version 013 (Open CPE detail)
Udev_project>>Udev >> Version 014 (Open CPE detail)
Udev_project>>Udev >> Version 015 (Open CPE detail)
Udev_project>>Udev >> Version 016 (Open CPE detail)
Udev_project>>Udev >> Version 017 (Open CPE detail)
Udev_project>>Udev >> Version 018 (Open CPE detail)
Udev_project>>Udev >> Version 019 (Open CPE detail)
Udev_project>>Udev >> Version 020 (Open CPE detail)
Udev_project>>Udev >> Version 021 (Open CPE detail)
Udev_project>>Udev >> Version 022 (Open CPE detail)
Udev_project>>Udev >> Version 023 (Open CPE detail)
Udev_project>>Udev >> Version 024 (Open CPE detail)
Udev_project>>Udev >> Version 025 (Open CPE detail)
Udev_project>>Udev >> Version 026 (Open CPE detail)
Udev_project>>Udev >> Version 027 (Open CPE detail)
Udev_project>>Udev >> Version 028 (Open CPE detail)
Udev_project>>Udev >> Version 029 (Open CPE detail)
Udev_project>>Udev >> Version 030 (Open CPE detail)
Udev_project>>Udev >> Version 031 (Open CPE detail)
Udev_project>>Udev >> Version 032 (Open CPE detail)
Udev_project>>Udev >> Version 033 (Open CPE detail)
Udev_project>>Udev >> Version 034 (Open CPE detail)
Udev_project>>Udev >> Version 035 (Open CPE detail)
Udev_project>>Udev >> Version 036 (Open CPE detail)
Udev_project>>Udev >> Version 037 (Open CPE detail)
Udev_project>>Udev >> Version 038 (Open CPE detail)
Udev_project>>Udev >> Version 039 (Open CPE detail)
Udev_project>>Udev >> Version 040 (Open CPE detail)
Udev_project>>Udev >> Version 042 (Open CPE detail)
Udev_project>>Udev >> Version 043 (Open CPE detail)
Udev_project>>Udev >> Version 044 (Open CPE detail)
Udev_project>>Udev >> Version 045 (Open CPE detail)
Udev_project>>Udev >> Version 046 (Open CPE detail)
Udev_project>>Udev >> Version 047 (Open CPE detail)
Udev_project>>Udev >> Version 048 (Open CPE detail)
Udev_project>>Udev >> Version 049 (Open CPE detail)
Udev_project>>Udev >> Version 050 (Open CPE detail)
Udev_project>>Udev >> Version 051 (Open CPE detail)
Udev_project>>Udev >> Version 052 (Open CPE detail)
Udev_project>>Udev >> Version 053 (Open CPE detail)
Udev_project>>Udev >> Version 054 (Open CPE detail)
Udev_project>>Udev >> Version 055 (Open CPE detail)
Udev_project>>Udev >> Version 056 (Open CPE detail)
Udev_project>>Udev >> Version 057 (Open CPE detail)
Udev_project>>Udev >> Version 058 (Open CPE detail)
Udev_project>>Udev >> Version 059 (Open CPE detail)
Udev_project>>Udev >> Version 060 (Open CPE detail)
Udev_project>>Udev >> Version 061 (Open CPE detail)
Udev_project>>Udev >> Version 062 (Open CPE detail)
Udev_project>>Udev >> Version 063 (Open CPE detail)
Udev_project>>Udev >> Version 064 (Open CPE detail)
Udev_project>>Udev >> Version 065 (Open CPE detail)
Udev_project>>Udev >> Version 066 (Open CPE detail)
Udev_project>>Udev >> Version 067 (Open CPE detail)
Udev_project>>Udev >> Version 068 (Open CPE detail)
Udev_project>>Udev >> Version 069 (Open CPE detail)
Udev_project>>Udev >> Version 070 (Open CPE detail)
Udev_project>>Udev >> Version 071 (Open CPE detail)
Udev_project>>Udev >> Version 072 (Open CPE detail)
Udev_project>>Udev >> Version 073 (Open CPE detail)
Udev_project>>Udev >> Version 074 (Open CPE detail)
Udev_project>>Udev >> Version 075 (Open CPE detail)
Udev_project>>Udev >> Version 076 (Open CPE detail)
Udev_project>>Udev >> Version 077 (Open CPE detail)
Udev_project>>Udev >> Version 078 (Open CPE detail)
Udev_project>>Udev >> Version 079 (Open CPE detail)
Udev_project>>Udev >> Version 080 (Open CPE detail)
Udev_project>>Udev >> Version 081 (Open CPE detail)
Udev_project>>Udev >> Version 082 (Open CPE detail)
Udev_project>>Udev >> Version 083 (Open CPE detail)
Udev_project>>Udev >> Version 084 (Open CPE detail)
Udev_project>>Udev >> Version 085 (Open CPE detail)
Udev_project>>Udev >> Version 086 (Open CPE detail)
Udev_project>>Udev >> Version 087 (Open CPE detail)
Udev_project>>Udev >> Version 088 (Open CPE detail)
Udev_project>>Udev >> Version 089 (Open CPE detail)
Udev_project>>Udev >> Version 090 (Open CPE detail)
Udev_project>>Udev >> Version 091 (Open CPE detail)
Udev_project>>Udev >> Version 092 (Open CPE detail)
Udev_project>>Udev >> Version 093 (Open CPE detail)
Udev_project>>Udev >> Version 094 (Open CPE detail)
Udev_project>>Udev >> Version 095 (Open CPE detail)
Udev_project>>Udev >> Version 096 (Open CPE detail)
Udev_project>>Udev >> Version 097 (Open CPE detail)
Udev_project>>Udev >> Version 098 (Open CPE detail)
Udev_project>>Udev >> Version 099 (Open CPE detail)
Udev_project>>Udev >> Version 100 (Open CPE detail)
Udev_project>>Udev >> Version 101 (Open CPE detail)
Udev_project>>Udev >> Version 102 (Open CPE detail)
Udev_project>>Udev >> Version 103 (Open CPE detail)
Udev_project>>Udev >> Version 104 (Open CPE detail)
Udev_project>>Udev >> Version 105 (Open CPE detail)
Udev_project>>Udev >> Version 106 (Open CPE detail)
Udev_project>>Udev >> Version 107 (Open CPE detail)
Udev_project>>Udev >> Version 108 (Open CPE detail)
Udev_project>>Udev >> Version 109 (Open CPE detail)
Udev_project>>Udev >> Version 110 (Open CPE detail)
Udev_project>>Udev >> Version 111 (Open CPE detail)
Udev_project>>Udev >> Version 112 (Open CPE detail)
Udev_project>>Udev >> Version 113 (Open CPE detail)
Udev_project>>Udev >> Version 114 (Open CPE detail)
Udev_project>>Udev >> Version 115 (Open CPE detail)
Udev_project>>Udev >> Version 116 (Open CPE detail)
Udev_project>>Udev >> Version 117 (Open CPE detail)
Udev_project>>Udev >> Version 118 (Open CPE detail)
Udev_project>>Udev >> Version 119 (Open CPE detail)
Udev_project>>Udev >> Version 120 (Open CPE detail)
Udev_project>>Udev >> Version 121 (Open CPE detail)
Udev_project>>Udev >> Version 122 (Open CPE detail)
Udev_project>>Udev >> Version 123 (Open CPE detail)
Udev_project>>Udev >> Version 124 (Open CPE detail)
Udev_project>>Udev >> Version 125 (Open CPE detail)
Udev_project>>Udev >> Version 126 (Open CPE detail)
Udev_project>>Udev >> Version 127 (Open CPE detail)
Udev_project>>Udev >> Version 128 (Open CPE detail)
Udev_project>>Udev >> Version 129 (Open CPE detail)
Udev_project>>Udev >> Version 130 (Open CPE detail)
Udev_project>>Udev >> Version 131 (Open CPE detail)
Udev_project>>Udev >> Version 132 (Open CPE detail)
Udev_project>>Udev >> Version 133 (Open CPE detail)
Udev_project>>Udev >> Version 134 (Open CPE detail)
Udev_project>>Udev >> Version 135 (Open CPE detail)
Udev_project>>Udev >> Version 136 (Open CPE detail)
Udev_project>>Udev >> Version 137 (Open CPE detail)
Udev_project>>Udev >> Version 138 (Open CPE detail)
Udev_project>>Udev >> Version 139 (Open CPE detail)
Udev_project>>Udev >> Version 140 (Open CPE detail)

Configuraton 0

Suse>>Linux_enterprise_debuginfo >> Version 10

Suse>>Linux_enterprise_debuginfo >> Version 10 (Open CPE detail)

Suse>>Linux_enterprise_debuginfo >> Version 11

Suse>>Linux_enterprise_debuginfo >> Version 11 (Open CPE detail)

Opensuse>>Opensuse >> Version 10.3

Opensuse>>Opensuse >> Version 10.3 (Open CPE detail)

Opensuse>>Opensuse >> Version 11.0

Opensuse>>Opensuse >> Version 11.0 (Open CPE detail)

Opensuse>>Opensuse >> Version 11.1

Opensuse>>Opensuse >> Version 11.1 (Open CPE detail)

Suse>>Linux_enterprise_desktop >> Version 10

Suse>>Linux_enterprise_desktop >> Version 10 (Open CPE detail)

Suse>>Linux_enterprise_desktop >> Version 11

Suse>>Linux_enterprise_desktop >> Version 11 (Open CPE detail)

Suse>>Linux_enterprise_server >> Version 10

Suse>>Linux_enterprise_server >> Version 10 (Open CPE detail)
Suse>>Linux_enterprise_server >> Version 10 (Open CPE detail)

Suse>>Linux_enterprise_server >> Version 11

Suse>>Linux_enterprise_server >> Version 11 (Open CPE detail)

Configuraton 0

Debian>>Debian_linux >> Version 4.0

Debian>>Debian_linux >> Version 4.0 (Open CPE detail)
Debian>>Debian_linux >> Version 4.0 (Open CPE detail)
Debian>>Debian_linux >> Version 4.0 (Open CPE detail)
Debian>>Debian_linux >> Version 4.0 (Open CPE detail)
Debian>>Debian_linux >> Version 4.0 (Open CPE detail)
Debian>>Debian_linux >> Version 4.0 (Open CPE detail)
Debian>>Debian_linux >> Version 4.0 (Open CPE detail)
Debian>>Debian_linux >> Version 4.0 (Open CPE detail)
Debian>>Debian_linux >> Version 4.0 (Open CPE detail)
Debian>>Debian_linux >> Version 4.0 (Open CPE detail)
Debian>>Debian_linux >> Version 4.0 (Open CPE detail)
Debian>>Debian_linux >> Version 4.0 (Open CPE detail)
Debian>>Debian_linux >> Version 4.0 (Open CPE detail)

Debian>>Debian_linux >> Version 5.0

Debian>>Debian_linux >> Version 5.0 (Open CPE detail)

Configuraton 0

Canonical>>Ubuntu_linux >> Version 6.06

Canonical>>Ubuntu_linux >> Version 6.06 (Open CPE detail)
Canonical>>Ubuntu_linux >> Version 6.06 (Open CPE detail)
Canonical>>Ubuntu_linux >> Version 6.06 (Open CPE detail)

Canonical>>Ubuntu_linux >> Version 7.10

Canonical>>Ubuntu_linux >> Version 7.10 (Open CPE detail)

Canonical>>Ubuntu_linux >> Version 8.04

Canonical>>Ubuntu_linux >> Version 8.04 (Open CPE detail)

Canonical>>Ubuntu_linux >> Version 8.10

Canonical>>Ubuntu_linux >> Version 8.10 (Open CPE detail)

Configuraton 0

Fedoraproject>>Fedora >> Version 9

Fedoraproject>>Fedora >> Version 9 (Open CPE detail)

Fedoraproject>>Fedora >> Version 10

Fedoraproject>>Fedora >> Version 10 (Open CPE detail)

References

http://www.securityfocus.com/archive/1/502752/100/0/threaded
Tags : mailing-list, x_refsource_BUGTRAQ

http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0063
Tags : x_refsource_MISC

http://secunia.com/advisories/34801
Tags : third-party-advisory, x_refsource_SECUNIA

http://www.securitytracker.com/id?1022068
Tags : vdb-entry, x_refsource_SECTRACK

http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00006.html
Tags : vendor-advisory, x_refsource_SUSE

https://bugzilla.redhat.com/show_bug.cgi?id=495052
Tags : x_refsource_CONFIRM

http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.446399
Tags : vendor-advisory, x_refsource_SLACKWARE

https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00462.html
Tags : vendor-advisory, x_refsource_FEDORA

http://www.debian.org/security/2009/dsa-1772
Tags : vendor-advisory, x_refsource_DEBIAN

http://www.gentoo.org/security/en/glsa/glsa-200904-18.xml
Tags : vendor-advisory, x_refsource_GENTOO

https://launchpad.net/bugs/cve/2009-1186
Tags : x_refsource_MISC

http://www.mandriva.com/security/advisories?name=MDVSA-2009:103
Tags : vendor-advisory, x_refsource_MANDRIVA

http://secunia.com/advisories/34776
Tags : third-party-advisory, x_refsource_SECUNIA

http://secunia.com/advisories/34731
Tags : third-party-advisory, x_refsource_SECUNIA

http://secunia.com/advisories/34753
Tags : third-party-advisory, x_refsource_SECUNIA

http://secunia.com/advisories/34785
Tags : third-party-advisory, x_refsource_SECUNIA

http://secunia.com/advisories/34787
Tags : third-party-advisory, x_refsource_SECUNIA

https://www.redhat.com/archives/fedora-package-announce/2009-April/msg00463.html
Tags : vendor-advisory, x_refsource_FEDORA

http://www.securityfocus.com/bid/34539
Tags : vdb-entry, x_refsource_BID

http://www.vupen.com/english/advisories/2009/1053
Tags : vdb-entry, x_refsource_VUPEN

http://www.ubuntu.com/usn/usn-758-1
Tags : vendor-advisory, x_refsource_UBUNTU

http://secunia.com/advisories/34771
Tags : third-party-advisory, x_refsource_SECUNIA

http://secunia.com/advisories/34750
Tags : third-party-advisory, x_refsource_SECUNIA

http://wiki.rpath.com/Advisories:rPSA-2009-0063
Tags : x_refsource_CONFIRM

http://git.kernel.org/?p=linux/hotplug/udev.git%3Ba=commitdiff%3Bh=662c3110803bd8c1aedacc36788e6fd028944314
Tags : x_refsource_CONFIRM

CVE-2009-1186 : Detail

CVE-2009-1186

CVE Descriptions

CVE Informations

Related Weaknesses

Metrics

EPSS

EPSS Score

EPSS Percentile

Products Mentioned

Configuraton 0

Configuraton 0

Configuraton 0

Configuraton 0

Configuraton 0

References