Linux Distros Unpatched Vulnerability : CVE-2011-2503

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The insertmodule function in runtime/staprun/staprunfuncs.c in the systemtap runtime tool staprun in SystemTap before 1.6 does not properly validate a module wh...

CVE-2011-2503

The insertmodule function in runtime/staprun/staprunfuncs.c in the systemtap runtime tool staprun in SystemTap before 1.6 does not properly validate a module when loading it, which allows local users to gain privileges via a race condition between the signature validation and the module...

CVE-2011-2502

runtime/staprun/staprunfuncs.c in the systemtap runtime tool staprun in SystemTap before 1.6 does not properly validate modules when a module path is specified by a user for user-space probing, which allows local users in the stapusr group to gain privileges via a crafted module in the search pat...

CVE-2010-4171

The staprun runtime tool in SystemTap 1.3 does not verify that a module to unload was previously loaded by SystemTap, which allows local users to cause a denial of service unloading of arbitrary kernel modules...

Fedora 13 : systemtap-1.3-3.fc13 (2010-17873)

This refresh corrects two important security bugs in the /usr/bin/staprun program of the systemtap-runtime package. CVE-2010-4171 Ability to remove unused modules by unprivileged user CVE-2010-4170 Insecure loading of modules We would like to thank Tavis Ormandy for reporting this issue. Note tha...

PT-2010-1046 · Red Hat · Systemtap-Server +9

Name of the Vulnerable Software and Affected Versions: systemtap versions 0.6.2 through 1.3 systemtap-runtime versions 0.6.2 through 1.1 systemtap-testsuite versions 0.6.2 through 1.1 systemtap-client versions 1.1 through 1.2 systemtap-server versions 1.1 systemtap-initscript versions 1.1...

CentOS Security Advisory CESA-2009:0373 (systemtap)

The remote host is missing updates to systemtap announced in advisory CESA-2009:0373. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only OR...

PT-2011-5232 · Linux +4 · Linux Kernel +16

Name of the Vulnerable Software and Affected Versions: openSUSE systemtap-runtime-debuginfo affected versions not specified openSUSE systemtap-sdt-devel affected versions not specified openSUSE systemtap affected versions not specified openSUSE libvmtools0 affected versions not specified Linux...

PT-2011-5238 · Opensuse +4 · Systemtap-Sdt-Devel +7

Name of the Vulnerable Software and Affected Versions: openSUSE systemtap-runtime-debuginfo affected versions not specified openSUSE systemtap affected versions not specified openSUSE systemtap-sdt-devel affected versions not specified openSUSE libvmtools0 affected versions not specified Linux...

PT-2011-5230 · Vmware +5 · Libvmtools-Devel +20

Name of the Vulnerable Software and Affected Versions: openSUSE versions prior to the fixed version Linux kernel versions through 3.8.4 systemtap versions affected versions not specified systemtap-runtime versions affected versions not specified systemtap-runtime-debuginfo versions affected...