Added a Patch to fix a local privilege escalation in udev.

CVE-2009-1185: udev did not check the origin of the netlink messages. A local attacker could fake device create events and so gain root privileges. More information on: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1186
2026-04-11 03:25:54 +02:00 · 2009-05-03 11:06:53 +02:00
parent e8b7789107
commit 835b323eff
2 changed files with 21 additions and 0 deletions
--- a/lfs/udev
+++ b/lfs/udev
@@ -81,6 +81,7 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
 	@$(PREBUILD)
 	@rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar jxf $(DIR_DL)/$(DL_FILE)
 	cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/udev-096-netif_rename.patch
+	cd $(DIR_APP) && patch -Np1 -i $(DIR_SRC)/src/patches/udev-CVE-2009-1186.patch
 ifeq "$(LFS_PASS)" "install"
 	cd $(DIR_APP) && make DESTDIR=/install/initrd sbindir=/sbin udevdir=/dev
 	cd $(DIR_APP) && make DESTDIR=/install/initrd sbindir=/sbin udevdir=/dev install
--- a/src/patches/udev-CVE-2009-1186.patch
+++ b/src/patches/udev-CVE-2009-1186.patch
@@ -0,0 +1,20 @@
+--- udev-141/udev/lib/libudev-util.c.CVE-2009-1186	2009-04-08 09:04:26.000000000 -0400
+++ udev-141/udev/lib/libudev-util.c	2009-04-15 13:25:10.000000000 -0400
+@@ -9,6 +9,7 @@
+  * version 2.1 of the License, or (at your option) any later version.
+  */
+ 
+#include <stdint.h>
+ #include <stdio.h>
+ #include <stdlib.h>
+ #include <stddef.h>
+@@ -103,6 +104,9 @@ int util_log_priority(const char *priori
+ 
+ size_t util_path_encode(char *s, size_t len)
+ {
+        if (len == 0 || len > (SIZE_MAX - 1) / 4)
+               return 0;
+
+ 	char t[(len * 4)+1];
+ 	size_t i, j;
+