(RHSA-2011:1089) Moderate: systemtap security update

2011-07-25T04:00:00
ID RHSA-2011:1089
Type redhat
Reporter RedHat
Modified 2017-09-08T12:05:21

Description

SystemTap is an instrumentation system for systems running the Linux kernel. The system allows developers to write scripts to collect data on the operation of the system.

A race condition flaw was found in the way the staprun utility performed module loading. A local user who is a member of the stapusr group could use this flaw to modify a signed module while it is being loaded, allowing them to escalate their privileges. (CVE-2011-2503)

SystemTap users should upgrade to these updated packages, which contain a backported patch to correct this issue.