Vulnerabilities in udev
bruce.dubbs at gmail.com
Mon Apr 27 11:36:24 PDT 2009
Mike McCarty wrote:
> I am not expert, so I perhaps am not able to see how the vulnerabilities
> listed affect my machine. Could you be more specific about how the
> vulnerabilities are subject to exploit? I'd appreciate that very much.
> IOW, I'd like to see something which would allow us to evaluate what
> our exposure might be.
You're right Mike, not all vulnerabilities are equal. However it is good
practice to fix known vulnerabilities. If, for instance, you decided to run a
web server or even give yourself the capability to ssh into the system from
outside your home and there was a problem with that server software, a local
vulnerability could then lead to a root compromise.
In this case, the fix is easy. Just rebuild the source with the patch and
reboot. You might even get by without rebooting by finding the udevd daemon:
# ps -ef|grep udevd
root 457 1 0 Apr26 ? 00:00:00 /sbin/udevd --daemon
kill that and restart
#kill -9 457; /etc/rc.d/init.d/udev start
But rebooting would probably be the safer alternative because of the way devices
interact with everything on the system.
More information about the lfs-support