Azimout's Linux weblog

udev <141 exploit

with 4 comments

Dereck shared with me this linux security exploit: udev < 141 Local Privilege Escalation Exploit, a.k.a. CVE-2009-1185

It affects distributions that ship with udev version <141. Ubuntu ships udev 141 in Jaunty (124 in Intrepid), so I’m covered.

Thought: what does it tell you, the fact that they only find vulnerabilities in old versions of the Linux ecosystem?


Written by azimout

18/05/2009 at 21:19

Posted in News

4 Responses

Subscribe to comments with RSS.

  1. doesn’t seem to work on my gentoo installation, even though i still have udev 124… maybe i made some error.


    18/05/2009 at 23:13

  2. ah, found the reason why… gentoo docs say that vulnerable versions are < 124-r2. which is the version i have installed.


    18/05/2009 at 23:14

  3. On the other hand this is a quite old “attack vector”. I’ve seen similar vulnerability in zebra routing suite almost 6 years ago.



    19/05/2009 at 15:15

  4. Hellp zImage, thanks for stopping by, and thanks for the info!
    Looking at your blog right now, seems interesting!


    19/05/2009 at 22:39

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s

%d bloggers like this: