[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[rhelv5-list] restart or reboot? Re: [RHSA-2009:0427-01] Important: udev security update


On Thu, 2009-04-16 at 15:44 -0400, bugzilla redhat com wrote:
> Hash: SHA1
> =====================================================================
>                    Red Hat Security Advisory
> Synopsis:          Important: udev security update
> Advisory ID:       RHSA-2009:0427-01
> Product:           Red Hat Enterprise Linux
> Advisory URL:      https://rhn.redhat.com/errata/RHSA-2009-0427.html
> Issue date:        2009-04-16
> CVE Names:         CVE-2009-1185 
> =====================================================================
> 1. Summary:
> Updated udev packages that fix one security issue are now available for Red
> Hat Enterprise Linux 5.
> This update has been rated as having important security impact by the Red
> Hat Security Response Team.

> It was discovered that udev did not properly check the origin of Netlink
> messages. A local attacker could use this flaw to gain root privileges via
> a crafted Netlink message sent to udev, causing it to create a
> world-writable block device file for an existing system block device (for
> example, the root file system). (CVE-2009-1185)

I looked through the advisories from several Linux distros, but did not
see any mention as to if this update needs a reboot, or just a daemon
restart.  The rpm does a restart of the udev daemon, so I am assuming a
reboot is not necessary, but it would be nice if someone could confirm


Christopher McCrory
 "The guy that keeps the servers running"
chrismcc pricegrabber com
Let's face it, there's no Hollow Earth, no robots, and
no 'mute rays.' And even if there were, waxed paper is
no defense.  I tried it.  Only tinfoil works.

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]