MDVSA-2012:137 -- Mandriva acpidID: oval:org.secpod.oval:def:302949 | Date: (C)2012-11-02 (M)2021-09-11 |
Class: PATCH | Family: unix |
Multiple vulnerabilities has been discovered and corrected in acpid: Oliver-Tobias Ripka discovered that an ACPI script incorrectly handled power button events. A local attacker could use this to execute arbitrary code, and possibly escalate privileges . Helmut Grohne and Michael Biebl discovered that ACPI scripts were executed with a permissive file mode creation mask . A local attacker could read files and modify directories created by ACPI scripts that did not set a strict umask . The updated packages have been patched to correct these issues.
Platform: |
Mandriva Linux 2011.0 |