- Advisory ID
- Betroffene Versionen
- 2011 i586 , 2011 x86_64
Multiple vulnerabilities has been discovered and corrected in acpid:
Oliver-Tobias Ripka discovered that an ACPI script incorrectly handled
power button events. A local attacker could use this to execute
arbitrary code, and possibly escalate privileges (CVE-2011-2777).
Helmut Grohne and Michael Biebl discovered that ACPI scripts were
executed with a permissive file mode creation mask (umask). A local
attacker could read files and modify directories created by ACPI
scripts that did not set a strict umask (CVE-2011-4578).
The updated packages have been patched to correct these issues.
23d5343c86fea6a72a789a3f29e4f733 2011/i586/acpid-2.0.10-1.1-mdv2011.0.i586.rpm 3a78db800ec8c3063d834f618a39357e 2011/SRPMS/acpid-2.0.10-1.1.src.rpm
a8e6080d229eae2c7ce068a240f902c6 2011/x86_64/acpid-2.0.10-1.1-mdv2011.0.x86_64.rpm 3a78db800ec8c3063d834f618a39357e 2011/SRPMS/acpid-2.0.10-1.1.src.rpm