CentOS.Security.Update.acpid.CESA-2009-0474

Release Date

May 10, 2010

Severity

medium

Impact

This vulnerability can be exploited to cause a denial of service (CPU consumption and connectivity loss) and resource unavailability.

Description

acpid is a daemon that dispatches ACPI (Advanced Configuration and Power Interface) events to user-space programs.

The following vulnerability has been discovered:
- CVE-2009-0798
A denial of service flaw was found in the acpid daemon's error handling. If an attacker could exhaust the sockets open to acpid, the daemon would enter an infinite loop, consuming most CPU resources and preventing acpid from communicating with legitimate processes.

Affected Products

Recommended Actions

Users are advised to upgrade to the updated package, which contains a backported patch to correct the issue. Refer to the CentOS advisory for your release:
CentOS 3 ia64: http://lists.centos.org/pipermail/centos-announce/2009-May/015859.html
CentOS 3 x86_64: http://lists.centos.org/pipermail/centos-announce/2009-May/015846.html
CentOS 4 i386: http://lists.centos.org/pipermail/centos-announce/2009-May/015926.html
CentOS 4 ia64: http://lists.centos.org/pipermail/centos-announce/2009-May/015861.html
CentOS 4 x86_64: http://lists.centos.org/pipermail/centos-announce/2009-May/015927.html
CentOS 5 i386: http://lists.centos.org/pipermail/centos-announce/2009-May/015873.html
CentOS 5 x86_64: http://lists.centos.org/pipermail/centos-announce/2009-May/015874.html


Coverage

IPS
VCM

Common Vulnerabilities and Exposures (CVE)

CVE-2009-1364

Reference: VID-22942