SuSE Security Advisory SUSE-SA:2009:020 (udev)

Summary
The remote host is missing updates announced in advisory SUSE-SA:2009:020.
Solution
Update your system with the packages as indicated in the referenced security advisory. https://secure1.securityspace.com/smysecure/catid.html?in=SUSE-SA:2009:020
Insight
Sebastian Krahmer of SUSE Security identified a problem in udevd with handling of netlink messages. Local attackers could inject netlink messages due to a missing origin check where only the kernel should have been able to and so are able to escalate privileges. (CVE-2009-1185) Fixed packages have been released to address this issue for openSUSE 10.3-11.1, SUSE Linux Enterprise 10 SP2 and SUSE Linux Enterprise 11. SUSE Linux Enterprise Server 9 and Novell Linux Desktop 9 are not affected by this problem.