acpid is a daemon that dispatches ACPI events to user-space programs. It was discovered that acpid could create its log file with random permissions on some systems. A local attacker could use this flaw to escalate their privileges if the log file was created as world-writable and with the setuid or setgid bit set. Please note that this flaw was due to a Red Hat-specific patch included in the Red Hat Enterprise Linux 5 acpid package. Users are advised to upgrade to this updated package, which contains a backported patch to correct this issue.