RHSA-2009:1642-02 -- Redhat acpidID: oval:org.secpod.oval:def:500654 | Date: (C)2012-01-31 (M)2021-09-11 |
Class: PATCH | Family: unix |
acpid is a daemon that dispatches ACPI events to user-space programs. It was discovered that acpid could create its log file with random permissions on some systems. A local attacker could use this flaw to escalate their privileges if the log file was created as world-writable and with the setuid or setgid bit set. Please note that this flaw was due to a Red Hat-specific patch included in the Red Hat Enterprise Linux 5 acpid package. Users are advised to upgrade to this updated package, which contains a backported patch to correct this issue.
Platform: |
Red Hat Enterprise Linux 5 |