|
|
Subscribe / Log in / New account

A privilege escalation flaw in udev

A privilege escalation flaw in udev

Posted Apr 23, 2009 0:42 UTC (Thu) by smithj (guest, #38034)
In reply to: A privilege escalation flaw in udev by tzafrir
Parent article: A privilege escalation flaw in udev

The RHEL update for this issue automatically restarts udev. I would imagine other vendors either do the same or that /etc/init.d/udev restart (or similar) would be safe to execute on an in-production system.

to post comments

A privilege escalation flaw in udev

Posted Apr 23, 2009 8:45 UTC (Thu) by janfrode (subscriber, #244) [Link] (3 responses)

The Red Hat errata for this fix says: 
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
Is that just the normal cop out, or are there any reasons to worry upgrading udev on a RHEL5u0 will break something.. ?

A privilege escalation flaw in udev

Posted Apr 23, 2009 13:25 UTC (Thu) by cesarb (subscriber, #6266) [Link] (1 responses)

I have seen that sentence in every single security advisory they issue, so it is probably just a boilerplate sentence (of course, one can expect there are reasons for them adding that boilerplate).

A privilege escalation flaw in udev

Posted Apr 23, 2009 16:07 UTC (Thu) by janfrode (subscriber, #244) [Link]

And just to be on the paranoid safe side I asked Red Hat support, and they confirmed it should be safe to upgrade on any RHEL5 update levels.

A privilege escalation flaw in udev

Posted Apr 24, 2009 18:43 UTC (Fri) by smithj (guest, #38034) [Link]

FYI, I updated udev only on various RHEL5 boxen from 5.1 to 5.3, with weird patch levels in-between. I've yet to see any problems.

Your milage may vary.


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds