[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[rhelv5-list] restart or reboot? Re: [RHSA-2009:0427-01] Important: udev security update



Hello...

On Thu, 2009-04-16 at 15:44 -0400, bugzilla redhat com wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> =====================================================================
>                    Red Hat Security Advisory
> 
> Synopsis:          Important: udev security update
> Advisory ID:       RHSA-2009:0427-01
> Product:           Red Hat Enterprise Linux
> Advisory URL:      https://rhn.redhat.com/errata/RHSA-2009-0427.html
> Issue date:        2009-04-16
> CVE Names:         CVE-2009-1185 
> =====================================================================
> 
> 1. Summary:
> 
> Updated udev packages that fix one security issue are now available for Red
> Hat Enterprise Linux 5.
> 
> This update has been rated as having important security impact by the Red
> Hat Security Response Team.
> 
<snip>

> It was discovered that udev did not properly check the origin of Netlink
> messages. A local attacker could use this flaw to gain root privileges via
> a crafted Netlink message sent to udev, causing it to create a
> world-writable block device file for an existing system block device (for
> example, the root file system). (CVE-2009-1185)
> 

I looked through the advisories from several Linux distros, but did not
see any mention as to if this update needs a reboot, or just a daemon
restart.  The rpm does a restart of the udev daemon, so I am assuming a
reboot is not necessary, but it would be nice if someone could confirm
this.

thanks


-- 
Christopher McCrory
 "The guy that keeps the servers running"
 
chrismcc pricegrabber com
 http://www.pricegrabber.com
 
Let's face it, there's no Hollow Earth, no robots, and
no 'mute rays.' And even if there were, waxed paper is
no defense.  I tried it.  Only tinfoil works.



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]