SuSE 10 Security Update : udev (ZYPP Patch Number 6203)
High Nessus Plugin ID 41594
SynopsisThe remote SuSE 10 host is missing a security-related patch.
DescriptionThis update fixes a local privilege escalation in udev.
- udev did not check the origin of the netlink messages. A local attacker could fake device create events and so gain root privileges. (CVE-2009-1185)
The previous update did not apply the actual patch fixing this problem, as was reported to us by SGI.
Please reboot the machine after installing the update, or run:
SolutionApply ZYPP patch number 6203.