CVE-2011-1159
published 2011-10-05
CVE-2011-1159: acpid.c in acpid before 2.0.9 does not properly handle a situation in which a process has connected to acpid.socket but is not reading any data, which allows…
Priority P412, low, 2.1 (CVSS 2.0), AV:L/AC:L/Au:N/C:N/I:N/A:P
EPSS: 1.09% (61.4th percentile)
acpid.c in acpid before 2.0.9 does not properly handle a situation in which a process has connected to acpid.socket but is not reading any data, which allows local users to cause a denial of service (daemon hang) via a crafted application that performs a connect system call but no read system calls.
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | acpid | < acpid 1:2.0.9-1 (bookworm) | acpid 1:2.0.9-1 (bookworm) |
| tedfelix | acpid | <= 2.0.8 | — |
| tedfelix | acpid | — | — |
| tim_hockin | acpid | >= 0 < 1:2.0.9-1 | 1:2.0.9-1 |
CVSS provenance
nvd: v2.0, 2.1 LOW, AV:L/AC:L/Au:N/C:N/I:N/A:P
osv: 2.1 LOW
vendor_debian: 2.1 LOW
vendor_redhat: 2.1 LOW
GHSA
GHSA-vp73-h36r-mx65: acpid
ghsa_unreviewed·2022-05-17
CVE-2011-1159 [LOW] CWE-20 GHSA-vp73-h36r-mx65: acpid
acpid.c in acpid before 2.0.9 does not properly handle a situation in which a process has connected to acpid.socket but is not reading any data, which allows local users to cause a denial of service (daemon hang) via a crafted application that performs a connect system call but no read system calls.
OSV
CVE-2011-1159: acpid
osv·2011-10-05·CVSS 2.1
acpid.c in acpid before 2.0.9 does not properly handle a situation in which a process has connected to acpid.socket but is not reading any data, which allows local users to cause a denial of service (daemon hang) via a crafted application that performs a connect system call but no read system calls.
Ubuntu
acpid vulnerability
vendor_ubuntu·2011-10-20
Title: acpid vulnerability
Summary: acpid could be made to stall under certain conditions.
Vasiliy Kulikov discovered that acpid did not properly handle connections
from poorly behaving clients. A local attacker could potentially exploit
this to cause a denial of service.
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
acpid: blocked writes can lead to acpid daemon hang
vendor_redhat·2011-01-19·CVSS 2.1
acpid.c in acpid before 2.0.9 does not properly handle a situation in which a process has connected to acpid.socket but is not reading any data, which allows local users to cause a denial of service (daemon hang) via a crafted application that performs a connect system call but no read system calls.
Package: acpid (Red Hat Enterprise Linux 4) - Will not fix
Package: acpid (Red Hat Enterprise Linux 5) - Will not fix
Package: acpid (Red Hat Enterprise Linux 6) - Will not fix
Debian
CVE-2011-1159: acpid - acpid.c in acpid before 2.0.9 does not properly handle a situation in which a pr...
vendor_debian·2011·CVSS 2.1
acpid.c in acpid before 2.0.9 does not properly handle a situation in which a process has connected to acpid.socket but is not reading any data, which allows local users to cause a denial of service (daemon hang) via a crafted application that performs a connect system call but no read system calls.
Scope: local
bookworm: resolved (fixed in 1:2.0.9-1)
bullseye: resolved (fixed in 1:2.0.9-1)
forky: resolved (fixed in 1:2.0.9-1)
sid: resolved (fixed in 1:2.0.9-1)
trixie: resolved (fixed in 1:2.0.9-1)
No detection rules found.
Bugzilla
CVE-2011-1159 acpid: blocked writes can lead to acpid daemon hang [fedora-all]
bugzilla·2011-05-02·CVSS 2.1
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected Fedora
versions.
For comments that are specific to the vulnerability please use bugs filed
against "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include the bug IDs of the
respective parent bugs filed against the "Security Response" product.
Please mention CVE ids in the RPM changelog when available.
Bodhi update submission link:
https://admin.fedoraproject.org/updates/new/?type_=security&bugs=688698
Please note: this issue affects mult
Bugzilla
CVE-2011-1159 acpid: blocked writes can lead to acpid daemon hang
bugzilla·2011-03-17·CVSS 2.1
It was reported [1] that acpid opened the UNIX socket that informs unprivileged processes about acpi events in blocking mode. If an unprivileged process were to stop reading data from the socket, then after some time the socket queue fills up which would then lead to a hang of the privileged acpid daemon. The daemon will hang until the socket peer process reads some portion of the queued data or the peer process exits or is killed.
The reporter's solution is to open the socket in non-blocking mode:
--- a/acpid.c
+++ b/acpid.c
@@ -307,6 +307,7 @@
non_root_clients++;
}
fcntl(cli_fd, F_SETFD, FD_CLOEXEC);
+ fcntl(cli_fd, F_SETFL, O_NONBLOCK);
snprintf(buf, sizeof(buf)-1, "%d[%d:%d]",
creds.pid, creds.uid, creds.gid);
acpid_add
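Review bot: the added `fcntl(cli_fd, F_SETFL, O_NONBLOCK);` line replaces the descriptor's whole status-flag set instead of OR-ing O_NONBLOCK into the value returned by F_GETFL, and its return value is ignored (as is that of the F_SETFD call just above it), so a failure would silently leave the client socket in blocking mode. Suggest reading the flags first, setting `flags | O_NONBLOCK`, and checking the result before the client is registered. The hunk also does not show the write path: once cli_fd is non-blocking, whatever sends events to it has to handle EAGAIN (for example by dropping the client), which is worth confirming elsewhere in the patch.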
http://lists.fedoraproject.org/pipermail/package-announce/2011-May/059880.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-May/060053.html
http://secunia.com/advisories/42947
http://secunia.com/advisories/44621
http://www.openwall.com/lists/oss-security/2011/01/19/4
http://www.openwall.com/lists/oss-security/2011/03/15/12
http://www.openwall.com/lists/oss-security/2011/03/15/7
http://www.securityfocus.com/bid/45915
https://bugzilla.redhat.com/show_bug.cgi?id=688698
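The blocked-write condition from the Bugzilla report and the non-blocking handling that avoids it, as an added C example (not acpid's code): a socketpair stands in for acpid.socket with a peer that never reads. The function names and the sample event line are assumptions made for the illustration.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

#define EVENT "button/power PBTN 00000080 00000000\n" /* constructed sample */

/* Add O_NONBLOCK without discarding the descriptor's other status flags. */
int set_nonblocking(int fd)
{
    int flags = fcntl(fd, F_GETFL, 0);
    if (flags == -1)
        return -1;
    return fcntl(fd, F_SETFL, flags | O_NONBLOCK);
}

/* Send one event line. Returns 0 if queued, 1 if the client's queue is
 * full (caller should drop the client), -1 on any other error. */
int send_event(int cli_fd, const char *msg)
{
    size_t len = strlen(msg);
    ssize_t n = write(cli_fd, msg, len);
    if (n == (ssize_t)len)
        return 0;
    if (n >= 0 || errno == EAGAIN || errno == EWOULDBLOCK)
        return 1;   /* short write or would block: peer is not reading */
    return -1;
}

/* Returns how many events were queued before the non-reading client was
 * detected, or -1 on setup failure. sv[1] plays the client and never reads. */
int events_until_stall(int max_events)
{
    int sv[2], sent = 0;
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) == -1)
        return -1;
    if (set_nonblocking(sv[0]) == -1)
        sent = -1;
    while (sent >= 0 && sent < max_events && send_event(sv[0], EVENT) == 0)
        sent++;
    close(sv[0]);   /* drop the stalled client instead of waiting on it */
    close(sv[1]);
    return sent;
}

int main(void)
{
    printf("stalled client detected after %d events\n", events_until_stall(1000000));
    return 0;
}
```

With the `set_nonblocking` call removed, the same loop would stop inside `write()` once the queue fills, which is the daemon hang the report describes.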
Published: 2011-10-05