From: Stefan Schantl <Stevee@ipfire.org>
Date: Sun, 17 May 2009 14:51:54 +0000 (+0200)
Subject: Added a Patch to fix a local privilege escalation in udev.
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=facb9680c263b0134f3e7e7fc4a36ce429d3a83a;p=ipfire-3.x.git

Added a Patch to fix a local privilege escalation in udev.

CVE-2009-1185: udev did not check the origin of the netlink
messages. A local attacker could fake device create events
and so gain root privileges.

More information on:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1186
---

diff --git a/lfs/udev b/lfs/udev
index afc9ff7ef..af5633958 100644
--- a/lfs/udev
+++ b/lfs/udev
@@ -53,7 +53,8 @@ endef
 # Top-level Rules
 ###############################################################################
 
-objects = $(DL_FILE)
+objects = $(DL_FILE) \
+	udev-CVE-2009-1186.patch
 
 download: $(objects)
 
@@ -92,6 +93,10 @@ $(OBJECT): $(objects)
 			--prefix=/usr \
 			--exec-prefix="" \
 			--sysconfdir=/etc
+
+	#This patch fixes a local privilege escalation in udev.( CVE-2009-1186 )
+	cd $(DIR_APP) && patch -Np1 -i udev-CVE-2009-1186.patch
+
 	cd $(DIR_APP) && make $(PARALLELISMFLAGS)
 	cd $(DIR_APP) && make install