Debian Security Advisory

DLA-30-1 acpi-support -- LTS security update

Date Reported:
05 Aug 2014
Affected Packages:
Security database references:
In Mitre's CVE dictionary: CVE-2014-1419.
More information:

CESG discovered a race condition in acpi-support which may allow an unprivileged user to execute arbitrary code as a different user, including root.

For Debian 6 Squeeze, these issues have been fixed in acpi-support version 0.137-5+deb6u1