A vulnerability has been discovered and corrected in acpid: acpid.c in acpid before 2.0.9 does not properly handle a situation in which a process has connected to acpid.socket but is not reading any data, which allows local users to cause a denial of service via a crafted application that performs a connect system call but no read system calls . The updated packages have been patched to correct this issue.