CVE-2014-1419

Related Files

Debian Security Advisory 2984-1

Posted Jul 23, 2014

Authored by Debian | Site debian.org

Debian Linux Security Advisory 2984-1 - CESG discovered a root escalation flaw in the acpi-support package. An unprivileged user can inject the DBUS_SESSION_BUS_ADDRESS environment variable to run arbitrary commands as root user via the policy-funcs script.

tags | advisory, arbitrary, root

systems | linux, debian

advisories | CVE-2014-1419

SHA-256 | adaf1b772581837925185b0f8fb07ac5691d61ada127b8bcdfcadbfe95eb3291

Download | Favorite | View

Ubuntu Security Notice USN-2297-1

Posted Jul 22, 2014

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2297-1 - CESG discovered that acpi-support incorrectly handled certain privileged operations when checking for power management daemons. A local attacker could use this flaw to execute arbitrary code and elevate privileges to root.

tags | advisory, arbitrary, local, root

systems | linux, ubuntu

advisories | CVE-2014-1419

SHA-256 | 8c0d27477a48444c6aeaeb6b969c4b184ead8f5305a92a2ee3fecf5275bc02d0

Download | Favorite | View