Enclawed: A Configurable, Sector-Neutral Hardening Framework for Single-User AI Assistant Gateways

We present enclawed, a hard-fork hardening framework built on top of the OpenClaw single-user personal artificial intelligence AI assistant gateway. enclawed targets deployments that need attestable peer trust, deny-by-default external connectivity, signed-module loading, and a tamper-evident aud...

RHEL 4 : systemtap (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 4 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - systemtap: signed module loading race condition CVE-2011-2503 Note that Nessus has not tested for this issue but ha...

Privilege Escalation

systemtap is vulnerable to privilege escalation. The vulnerability exists as a race condition flaw was found in the way the staprun utility performed module loading. A local user who is a member of the stapusr group could use this flaw to modify a signed module while it is being loaded, allowing...

RHEL 5 : systemtap (RHSA-2011:1089)

The remote Redhat Enterprise Linux 5 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2011:1089 advisory. SystemTap is an instrumentation system for systems running the Linux kernel. The system allows developers to write scripts to collect data on the...

systemtap: signed module loading race condition

The insertmodule function in runtime/staprun/staprunfuncs.c in the systemtap runtime tool staprun in SystemTap before 1.6 does not properly validate a module when loading it, which allows local users to gain privileges via a race condition between the signature validation and the module...