Debian Security Advisory

DLA-30-1 acpi-support -- LTS security update

Date Reported:

05 Aug 2014

Affected Packages:

acpi-support

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-2014-1419.

More information:

CESG discovered a race condition in acpi-support which may allow an unprivileged user to execute arbitrary code as a different user, including root.

For Debian 6 Squeeze, these issues have been fixed in acpi-support version 0.137-5+deb6u1