Multiple vulnerabilities has been discovered and corrected in acpid: Oliver-Tobias Ripka discovered that an ACPI script incorrectly handled power button events. A local attacker could use this to execute arbitrary code, and possibly escalate privileges . Helmut Grohne and Michael Biebl discovered that ACPI scripts were executed with a permissive file mode creation mask . A local attacker could read files and modify directories created by ACPI scripts that did not set a strict umask . The updated packages have been patched to correct these issues.