All users, especially those in locales affected by these time changes and users interacting with people
or systems in the affected locales, are advised to upgrade to this updated package, which adds these
enhancements.
1.229. udev
1.229.1. RHSA-2009:0427: Important security update
Important
This update has already been released (prior to the GA of this release) as the security
errata RHSA-2009:0427.
Updated udev packages that fix one security issue are now available for Red Hat Enterprise Linux 5.
This update has been rated as having important security impact by the Red Hat Security Response
Team.
udev provides a user-space API and implements a dynamic device directory, providing only the
devices present on the system. udev replaces devfs in order to provide greater hot plug functionality.
Netlink is a datagram oriented service, used to transfer information between kernel modules and user-
space processes.
It was discovered that udev did not properly check the origin of Netlink messages. A local attacker
could use this flaw to gain root privileges via a crafted Netlink message sent to udev, causing it to
create a world-writable block device file for an existing system block device (for example, the root file
system).
(CVE-2009-1185, https://www.redhat.com/security/data/cve/CVE-2009-1185.html)
Red Hat would like to thank Sebastian Krahmer of the SUSE Security Team for responsibly reporting
this flaw.
Users of udev are advised to upgrade to these updated packages, which contain a backported patch
to correct this issue. After installing the update, the udevd daemon will be restarted automatically.
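The following is an added example, not code from this advisory or from the udev patch. It shows the kind of origin check the flaw description implies: a receiver of kernel uevents accepts a Netlink datagram only when both the source address and the credentials delivered with it identify the kernel. It assumes the receiving socket has SO_PASSCRED enabled; the names uevent_from_kernel, check_sample and sender_cred are hypothetical, and the sample metadata is constructed.

```c
#include <string.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <linux/netlink.h>
#ifndef SCM_CREDENTIALS
#define SCM_CREDENTIALS 0x02 /* Linux value; glibc hides it without _GNU_SOURCE */
#endif
struct sender_cred { pid_t pid; uid_t uid; gid_t gid; }; /* layout of Linux struct ucred */

/* Return 1 only if recvmsg() metadata says the kernel sent it (needs SO_PASSCRED). */
int uevent_from_kernel(struct msghdr *msg)
{
    const struct sockaddr_nl *src = msg->msg_name;
    struct sender_cred cred = { 0 };
    struct cmsghdr *c;
    int have_cred = 0;

    if (!src || msg->msg_namelen < sizeof(*src) || src->nl_family != AF_NETLINK)
        return 0;
    if (src->nl_pid != 0 || src->nl_groups == 0)
        return 0; /* user-space sender port, or unicast: not a kernel broadcast */
    for (c = CMSG_FIRSTHDR(msg); c; c = CMSG_NXTHDR(msg, c))
        if (c->cmsg_level == SOL_SOCKET && c->cmsg_type == SCM_CREDENTIALS &&
            c->cmsg_len == CMSG_LEN(sizeof(cred))) {
            memcpy(&cred, CMSG_DATA(c), sizeof(cred));
            have_cred = 1;
        }
    return have_cred && cred.uid == 0; /* missing or non-root credentials: reject */
}

/* Constructed sample: build the metadata recvmsg() would fill in, then classify it. */
int check_sample(unsigned pid, unsigned groups, unsigned uid, int with_cred)
{
    struct sockaddr_nl src = { .nl_family = AF_NETLINK, .nl_pid = pid, .nl_groups = groups };
    struct sender_cred cred = { .pid = (pid_t)pid, .uid = uid, .gid = uid };
    union { struct cmsghdr align; char buf[CMSG_SPACE(sizeof(struct sender_cred))]; } ctl;
    struct msghdr msg = { .msg_name = &src, .msg_namelen = sizeof(src) };
    memset(&ctl, 0, sizeof(ctl));
    if (with_cred) {
        msg.msg_control = ctl.buf;
        msg.msg_controllen = sizeof(ctl.buf);
        struct cmsghdr *c = CMSG_FIRSTHDR(&msg);
        c->cmsg_level = SOL_SOCKET;
        c->cmsg_type = SCM_CREDENTIALS;
        c->cmsg_len = CMSG_LEN(sizeof(cred));
        memcpy(CMSG_DATA(c), &cred, sizeof(cred));
    }
    return uevent_from_kernel(&msg);
}

/* Exit status 0 when a kernel broadcast sample is accepted. */
int main(void) { return check_sample(0, 1, 0, 1) == 1 ? 0 : 1; }
```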
1.229.2. RHBA-2009:1346: bug fix and enhancement update
Updated udev packages that fix a bug and add an enhancement are now available.
The udev packages implement a dynamic device-directory, providing only the devices present on
the system. This dynamic directory runs in user-space, dynamically creates and removes devices,
provides consistent naming, and a user-space API. udev replaces devfs, providing greater hot plug
functionality.
These updated packages fix the following bug:
• Leftover queue files from the udev instance of the initrd caused a stall in the udev instance started
from rc.sysinit. In this update, the files are removed before starting the daemon in rc.sysinit.
(BZ#487858)
These updated packages add the following enhancement: