[CentOS] Local root vulnerability in udev

Mon Apr 20 13:42:39 UTC 2009
Andrew Colin Kissa <andrew at topdog.za.net>

On 20 Apr 2009, at 3:39 PM, Rob Kampen wrote:

> John Austin wrote:
>> On Mon, 2009-04-20 at 09:21 -0400, Rob Kampen wrote:
>>
>>> Lanny Marcus wrote:
>>>
>>>> On Sat, Apr 18, 2009 at 9:12 PM, Lanny Marcus <lmmailinglists at gmail.com 
>>>> > wrote:
>>>>
>>>>> I just saw this thread in the OLM forum. Possibly of interest,  
>>>>> since
>>>>> they say it includes CentOS 5, if the update hasn't been  
>>>>> released yet.
>>>>> Always good  to keep boxes updated, for security and stability
>>>>> reasons.
>>>>>
>>>>> <http://forums.olm.net/showthread.php?t=2137>
>>>>>
>>>>>
>>>> I posted the above Saturday night and there was very little  
>>>> activity
>>>> in this mailing list over the weekend. Anyone using Apache on  
>>>> CentOS
>>>> 5, heads up!
>>>> _______________________________________________
>>>> CentOS mailing list
>>>> CentOS at centos.org
>>>> http://lists.centos.org/mailman/listinfo/centos
>>>>
>>> Lanny,
>>> I just killed the udevd on my two servers and await the update....
>>> What are you looking for?
>>> Rob
>>> _______________________________________________
>>> CentOS mailing list
>>> CentOS at centos.org
>>> http://lists.centos.org/mailman/listinfo/centos
>>>
>>
>> New udev just arrived - I assume this the fix !!
>> udev-095-14.20.el5_3.x86_64.rpm
>>
>> John
>>
>> _______________________________________________
>> CentOS mailing list
>> CentOS at centos.org
>> http://lists.centos.org/mailman/listinfo/centos
>>
> Just did the upgrade on one of my servers, however, udev is one of  
> those items that starts right at the beginning of boot up, and has  
> no init script to stop and start it, so I guess a total reboot is  
> required??

According to the RHEL errata the udevd daemon automatically gets  
restarted on installing the update.

https://rhn.redhat.com/errata/RHSA-2009-0427.html


>
> <rkampen.vcf>_______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos