| Revision Date: | 2008-03-20 | Version: | 502 |
| Title: | RHSA-2005:864: udev security update (Important) |
| Description: | The udev package contains an implementation of devfs in userspace using sysfs and /sbin/hotplug.
Richard Cunningham discovered a flaw in the way udev sets permissions on various files in /dev/input. It may be possible for an authenticated attacker to gather sensitive data entered by a user at the console, such as passwords. The Common Vulnerabilities and Exposures project has assigned the name CVE-2005-3631 to this issue.
All users of udev should upgrade to these updated packages, which contain a backported patch and are not vulnerable to this issue.
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | CVE-2005-3631
RHSA-2005:864-01
|
| Platform(s): | Red Hat Enterprise Linux 4
| Product(s): | |
| Definition Synopsis |
| Red Hat Enterprise Linux 4 is installed AND udev is earlier than 0:039-10.10.EL4.3
AND udev is signed with Red Hat master key
|