gcc-toolset-10-systemtap bug fix and enhancement update

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section...

Denial Of Service (DoS)

systemtap is vulnerable to denial of service. An invalid pointer read flaw was found in the way SystemTap handled malformed debugging information in DWARF format. When SystemTap unprivileged mode was enabled, an unprivileged user in the stapusr group could use this flaw to crash the system or,...

Denial Of Service (DoS)

systemtap is vulnerable to denial of service. Two divide-by-zero flaws were found in the way SystemTap handled malformed debugging information in DWARF format. When SystemTap unprivileged mode was enabled, an unprivileged user in the stapusr group could use these flaws to crash the system...

Arbitrary Code Execution

systemtap is vulnerable to arbitrary code execution. The vulnerability exists as it was found that SystemTap did not perform proper module path sanity checking if a user specified a custom path to the uprobes module, used when performing user-space probing "staprun -u". A local user who is a memb...

Privilege Escalation

systemtap is vulnerable to privilege escalation. The vulnerability exists as a race condition flaw was found in the way the staprun utility performed module loading. A local user who is a member of the stapusr group could use this flaw to modify a signed module while it is being loaded, allowing...

Denial Of Service (DoS)

systemtap is vulnerable to denial of service. A divide-by-zero flaw was found in the way SystemTap handled malformed debugging information in DWARF format. When SystemTap unprivileged mode was enabled, an unprivileged user in the stapusr group could use this flaw to crash the system. Additionally...

Denial Of Service (DoS)

SystemTap is vulnerable to denial of service DoS.It is possible because staprun did not check if the module to be unloaded was previously loaded by SystemTap. A local, unprivileged user could use this flaw to unload an arbitrary kernel module that was not in use...

Privilege Escalation

systemtap is vulnerable to privilege escalation. The vulnerability exists as it was discovered that staprun did not properly sanitize the environment before executing the modprobe command to load an additional kernel module. A local, unprivileged user could use this flaw to escalate their...

Denial Of Service (DoS)

systemtap is vulnerable to denial of service DoS. The vulnerability exists as a buffer overflow flaw was found in SystemTap's tapset getargv function. If a privileged user ran a SystemTap script that called this function, a local, unprivileged user could, while that script is still running, trigg...

Arbitrary Code Execution

systemtap is vulnerable to arbitrary code execution. The vulnerability exists as a flaw was found in the SystemTap compile server, stap-server, an optional component of SystemTap. This server did not adequately sanitize input provided by the stap-client program, which may allow a remote user to...

Privilege Escalation

systemtap is vulnerable to privilege escalation. A race condition was discovered in SystemTap that could allow users in the stapusr group to elevate privileges to that of members of the stapdev group and hence root, bypassing directory confinement restrictions and allowing them to insert arbitrar...

CVE-2017-13166

A bug in the 32-bit compatibility layer of the ioctl handling code of the v4l2 video driver in the Linux kernel has been found. A memory protection mechanism ensuring that user-provided buffers always point to a userspace memory were disabled, allowing destination address to be in a kernel space...

CVE-2018-14634

An integer overflow flaw was found in the Linux kernel's createelftables function. An unprivileged local user with access to SUID or otherwise privileged binary could use this flaw to escalate their privileges on the system. Mitigation To mitigate the issue: Enable and install kernel-debuginfo...

new packages: gcc-toolset-9-systemtap

An update is available for gcc-toolset-9-systemtap. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list GCC Toolset is a compiler toolset that provides recent versio...

new packages: gcc-toolset-9-systemtap

GCC Toolset is a compiler toolset that provides recent versions of development tools. GCC Toolset is an Application Stream packaged as a Software Collection. This enhancement update adds the gcc-toolset-9-systemtap packages to AlmaLinux Eneterprise Linux 8. For instructions on usage, see Using GC...

ALEA-2019:3454 new packages: gcc-toolset-9-systemtap

GCC Toolset is a compiler toolset that provides recent versions of development tools. GCC Toolset is an Application Stream packaged as a Software Collection. This enhancement update adds the gcc-toolset-9-systemtap packages to AlmaLinux Eneterprise Linux 8. For instructions on usage, see Using GC...

SystemTap 1.3 MODPROBE_OPTIONS Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SystemTap MODPROBEOPTIONS Privilege Escalation', 'Description' = %q This module attempts to gain root privileges by exploiting a vulnerability in...

SystemTap 1.3 - MODPROBE_OPTIONS Privilege Escalation Exploit

This Metasploit module attempts to gain root privileges by exploiting a vulnerability in the staprun executable included with SystemTap version 1.3. The staprun executable does not clear environment variables prior to executing modprobe, allowing an arbitrary configuration file to be specified in...

SystemTap 1.3 - MODPROBE_OPTIONS Privilege Escalation (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SystemTap MODPROBEOPTIONS Privilege Escalation', 'Description' = %q This module attempts to gain root privileges by exploiting a vulnerability in...

SystemTap MODPROBE_OPTIONS Privilege Escalation

This module attempts to gain root privileges by exploiting a vulnerability in the staprun executable included with SystemTap version 1.3. The staprun executable does not clear environment variables prior to executing modprobe, allowing an arbitrary configuration file to be specified in the...