Vulnerability Description
ACPI Event Daemon (acpid) before 1.0.10 allows remote attackers to cause a denial of service (CPU consumption and connectivity loss) by opening a large number of UNIX sockets without closing them, which triggers an infinite loop.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Tim Hockin | Acpid | <= 1.0.8 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/34838Vendor Advisory
- http://secunia.com/advisories/34914
- http://secunia.com/advisories/34918
- http://secunia.com/advisories/35010
- http://secunia.com/advisories/35209
- http://secunia.com/advisories/35231
- http://www.debian.org/security/2009/dsa-1786
- http://www.gentoo.org/security/en/glsa/glsa-200905-06.xml
- http://www.mandriva.com/security/advisories?name=MDVSA-2009:107
- http://www.redhat.com/support/errata/RHSA-2009-0474.html
- http://www.securityfocus.com/bid/34692
- http://www.securitytracker.com/id?1022182
- http://www.ubuntu.com/usn/USN-766-1
- https://bugzilla.redhat.com/show_bug.cgi?id=494443Patch
- https://bugzilla.redhat.com/show_bug.cgi?id=502583
FAQ
What is CVE-2009-0798?
CVE-2009-0798 is a vulnerability with a CVSS score of 5.0 (MEDIUM). ACPI Event Daemon (acpid) before 1.0.10 allows remote attackers to cause a denial of service (CPU consumption and connectivity loss) by opening a large number of UNIX sockets without closing them, whi...
How severe is CVE-2009-0798?
CVE-2009-0798 has been rated MEDIUM with a CVSS base score of 5.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-0798?
Check the references section above for vendor advisories and patch information. Affected products include: Tim Hockin Acpid.