CVE-2011-0640
CVE-2011-0640 is a medium-severity vulnerability in Udev Project Udev with a CVSS 2.0 base score of 6.9. It is not currently listed as actively exploited by CISA, and its EPSS exploit-prediction score is low.
Key facts
- Severity: Medium (CVSS 2.0 base score 6.9)
- EPSS exploit prediction: 0% (27th percentile)
- Actively exploited: Not listed in CISA KEV
- Affected product: Udev Project Udev
- Published:
- Last modified:
Description
The default configuration of udev on Linux does not warn the user before enabling additional Human Interface Device (HID) functionality over USB, which allows user-assisted attackers to execute arbitrary programs via crafted USB data, as demonstrated by keyboard and mouse data sent by malware on a smartphone that the user connected to the computer.
Frequently asked questions
- What is CVE-2011-0640?
- The default configuration of udev on Linux does not warn the user before enabling additional Human Interface Device (HID) functionality over USB, which allows user-assisted attackers to execute arbitrary programs via crafted USB data, as demonstrated by keyboard and mouse data sent by malware on a smartphone that the user connected to the computer.
- How severe is CVE-2011-0640?
- CVE-2011-0640 has a CVSS 2.0 base score of 6.9, rated medium severity.
- Is CVE-2011-0640 being actively exploited?
- It is not currently listed in CISA's KEV catalog. Its EPSS exploit-prediction score is 0% (27th percentile), an estimate of the probability of exploitation in the next 30 days.
- What products are affected by CVE-2011-0640?
- CVE-2011-0640 affects Udev Project Udev. See the affected-products list for the exact vulnerable versions.
- How do I fix CVE-2011-0640?
- Review the linked vendor and NVD advisories for patched versions and mitigations, then upgrade or apply the recommended workaround.
- When was CVE-2011-0640 published?
- CVE-2011-0640 was published on 2011-01-25 and last updated on 2026-06-16.
References
- http://news.cnet.com/8301-27080_3-20028919-245.html
- http://www.blackhat.com/html/bh-dc-11/bh-dc-11-briefings.html#Stavrou
- http://www.cs.gmu.edu/~astavrou/publications.html
Affected products (1)
- cpe:2.3:a:udev_project:udev:-:*:*:*:*:*:*:*
More vulnerabilities in Udev Project Udev
- CVE-2009-1185 — High (CVSS 7.2): udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to…
- CVE-2010-4176 — Medium (CVSS 4.0): plymouth-pretrigger.sh in dracut and udev, when running on Fedora 13 and 14, sets weak permissions for the /dev/systty…
- CVE-2009-1186 — Low (CVSS 2.1): Buffer overflow in the util_path_encode function in udev/lib/libudev-util.c in udev before 1.4.1 allows local users to…