SUSE CVE-2011-2502

runtime/staprun/staprunfuncs.c in the systemtap runtime tool staprun in SystemTap before 1.6 does not properly validate modules when a module path is specified by a user for user-space probing, which allows local users in the stapusr group to gain privileges via a crafted module in the search pat...

Denial Of Service (DoS)

systemtap is vulnerable to denial of service. An invalid pointer read flaw was found in the way SystemTap handled malformed debugging information in DWARF format. When SystemTap unprivileged mode was enabled, an unprivileged user in the stapusr group could use this flaw to crash the system or,...

Amazon Linux AMI : systemtap (ALAS-2012-54)

An invalid pointer read flaw was found in the way SystemTap handled malformed debugging information in DWARF format. When SystemTap unprivileged mode was enabled, an unprivileged user in the stapusr group could use this flaw to crash the system or, potentially, read arbitrary kernel memory...

Oracle Linux 4 : systemtap (ELSA-2010-0895)

From Red Hat Security Advisory 2010:0895 : Updated systemtap packages that fix one security issue are now available for Red Hat Enterprise Linux 4. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score,...

Scientific Linux Security Update : systemtap on SL4.x i386/x86_64

CVE-2010-0411 systemtap: Crash with systemtap script using getargv A buffer overflow flaw was found in SystemTap's tapset getargv function. If a privileged user ran a SystemTap script that called this function, a local, unprivileged user could, while that script is still running, trigger this fla...

Scientific Linux Security Update : systemtap on SL4.x i386/x86_64

It was discovered that staprun did not properly sanitize the environment before executing the modprobe command to load an additional kernel module. A local, unprivileged user could use this flaw to escalate their privileges. CVE-2010-4170 Note: On Scientific Linux 4, an attacker must be a member ...

Scientific Linux Security Update : systemtap on SL4.x, SL5.x i386/x86_64

A race condition was discovered in SystemTap that could allow users in the stapusr group to elevate privileges to that of members of the stapdev group and hence root, bypassing directory confinement restrictions and allowing them to insert arbitrary SystemTap kernel modules. CVE-2009-0784...

Scientific Linux Security Update : systemtap on SL5.x i386/x86_64

SystemTap is an instrumentation system for systems running the Linux kernel. The system allows developers to write scripts to collect data on the operation of the system. A race condition flaw was found in the way the staprun utility performed module loading. A local user who is a member of the...

Scientific Linux Security Update : systemtap on SL5.x, SL6.x i386/x86_64 (20120308)

SystemTap is an instrumentation system for systems running the Linux kernel. The system allows developers to write scripts to collect data on the operation of the system. An invalid pointer read flaw was found in the way SystemTap handled malformed debugging information in DWARF format. When...

CVE-2011-2502

runtime/staprun/staprunfuncs.c in the systemtap runtime tool staprun in SystemTap before 1.6 does not properly validate modules when a module path is specified by a user for user-space probing, which allows local users in the stapusr group to gain privileges via a crafted module in the search pat...

DEBIAN-CVE-2011-2502

runtime/staprun/staprunfuncs.c in the systemtap runtime tool staprun in SystemTap before 1.6 does not properly validate modules when a module path is specified by a user for user-space probing, which allows local users in the stapusr group to gain privileges via a crafted module in the search pat...

CVE-2011-2502

runtime/staprun/staprunfuncs.c in the systemtap runtime tool staprun in SystemTap before 1.6 does not properly validate modules when a module path is specified by a user for user-space probing, which allows local users in the stapusr group to gain privileges via a crafted module in the search pat...

Medium: systemtap

Issue Overview: An invalid pointer read flaw was found in the way SystemTap handled malformed debugging information in DWARF format. When SystemTap unprivileged mode was enabled, an unprivileged user in the stapusr group could use this flaw to crash the system or, potentially, read arbitrary kern...

Moderate: Red Hat Security Advisory: systemtap security update

Updated systemtap packages that fix one security issue are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating...

Fedora 14 : systemtap-1.4-6.fc14 (2011-7302)

Two divide-by-zero flaws were found in the way systemtap interpreted certain corrupted DWARF expressions. A privileged user able to execute arbitrary systemtap scripts could be tricked into triggering this flaw to crash the target machine. An unprivileged user in the stapusr group may be able to...

Fedora 15 : systemtap-1.4-9.fc15 (2011-7314)

Two divide-by-zero flaws were found in the way systemtap interpreted certain corrupted DWARF expressions. A privileged user able to execute arbitrary systemtap scripts could be tricked into triggering this flaw to crash the target machine. An unprivileged user in the stapusr group may be able to...

RedHat Update for systemtap RHSA-2010:0895-01

Check for the Version of systemtap OpenVAS Vulnerability Test RedHat Update for systemtap RHSA-2010:0895-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

RedHat Update for systemtap RHSA-2010:0894-01

Check for the Version of systemtap OpenVAS Vulnerability Test RedHat Update for systemtap RHSA-2010:0894-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

RedHat Update for systemtap RHSA-2010:0894-01

Check for the Version of systemtap OpenVAS Vulnerability Test RedHat Update for systemtap RHSA-2010:0894-01 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under t...

systemtap security update

CentOS Errata and Security Advisory CESA-2010:0894 Updated systemtap packages that fix two security issues are now available for Red Hat Enterprise Linux 5 and 6. The Red Hat Security Response Team has rated this update as having important security impact. Common Vulnerability Scoring System CVSS...