Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatRedHatRHSA-2010:0125
HistoryMar 01, 2010 - 12:00 a.m.

(RHSA-2010:0125) Moderate: systemtap security update

2010-03-0100:00:00
access.redhat.com
11

EPSS

0.001

Percentile

26.5%

JSON

SystemTap is an instrumentation system for systems running the Linux
kernel, version 2.6. Developers can write scripts to collect data on the
operation of the system.

A buffer overflow flaw was found in SystemTap’s tapset __get_argv()
function. If a privileged user ran a SystemTap script that called this
function, a local, unprivileged user could, while that script is still
running, trigger this flaw and cause memory corruption by running a command
with a large argument list, which may lead to a system crash or,
potentially, arbitrary code execution with root privileges. (CVE-2010-0411)

Note: SystemTap scripts that call __get_argv(), being a privileged
function, can only be executed by the root user or users in the stapdev
group. As well, if such a script was compiled and installed by root, users
in the stapusr group would also be able to execute it.

SystemTap users should upgrade to these updated packages, which contain a
backported patch to correct this issue.

OSVersionArchitecturePackageVersionFilename
RedHat4srcsystemtap< 0.6.2-2.el4_8.1systemtap-0.6.2-2.el4_8.1.src.rpm
RedHat4ia64systemtap< 0.6.2-2.el4_8.1systemtap-0.6.2-2.el4_8.1.ia64.rpm
RedHat4x86_64systemtap-runtime< 0.6.2-2.el4_8.1systemtap-runtime-0.6.2-2.el4_8.1.x86_64.rpm
RedHat4i386systemtap-testsuite< 0.6.2-2.el4_8.1systemtap-testsuite-0.6.2-2.el4_8.1.i386.rpm
RedHat4i386systemtap-runtime< 0.6.2-2.el4_8.1systemtap-runtime-0.6.2-2.el4_8.1.i386.rpm
RedHat4ppc64systemtap-testsuite< 0.6.2-2.el4_8.1systemtap-testsuite-0.6.2-2.el4_8.1.ppc64.rpm
RedHat4x86_64systemtap< 0.6.2-2.el4_8.1systemtap-0.6.2-2.el4_8.1.x86_64.rpm
RedHat4x86_64systemtap-testsuite< 0.6.2-2.el4_8.1systemtap-testsuite-0.6.2-2.el4_8.1.x86_64.rpm
RedHat4i386systemtap< 0.6.2-2.el4_8.1systemtap-0.6.2-2.el4_8.1.i386.rpm
RedHat4ppc64systemtap< 0.6.2-2.el4_8.1systemtap-0.6.2-2.el4_8.1.ppc64.rpm
Rows per page:
1-10 of 131

Related

nvd 1
openvas 15
cve 1
nessus 12
exploitdb 1
prion 1
centos 2
debiancve 1
oraclelinux 2
ubuntucve 1
cvelist 1
veracode 1
redhat 1
fedora 2
nvd
nvd
CVE-2010-0411
2010-02-08 20:30:01
openvas
openvas
SystemTap Multiple Vulnerabilities
2010-02-11 00:00:00
SystemTap Multiple Vulnerabilities
2010-02-11 00:00:00
RedHat Update for systemtap RHSA-2010:0125-01
2010-03-05 00:00:00
cve
cve
CVE-2010-0411
2010-02-08 20:30:01
nessus
nessus
RHEL 4 : systemtap (RHSA-2010:0125)
2010-03-02 00:00:00
CentOS 4 : systemtap (CESA-2010:0125)
2010-03-03 00:00:00
Scientific Linux Security Update : systemtap on SL4.x i386/x86_64
2012-08-01 00:00:00
exploitdb
exploitdb
SystemTap 1.0/1.1 - &#039;__get_argv()&#039; / &#039;__get_compat_argv()&#039; Local Memory Corruption
2010-02-05 00:00:00
prion
prion
Integer overflow
2010-02-08 20:30:00
centos
centos
systemtap security update
2010-03-01 22:54:31
systemtap security update
2010-03-02 17:59:18
debiancve
debiancve
CVE-2010-0411
2010-02-08 20:30:01
oraclelinux
oraclelinux
systemtap security update
2010-03-01 00:00:00
systemtap security update
2010-03-01 00:00:00
ubuntucve
ubuntucve
CVE-2010-0411
2010-02-08 00:00:00
cvelist
cvelist
CVE-2010-0411
2010-02-08 20:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:44:06
redhat
redhat
(RHSA-2010:0124) Important: systemtap security update
2010-03-01 00:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: systemtap-1.1-2.fc11
2010-02-18 22:23:27
[SECURITY] Fedora 12 Update: systemtap-1.1-2.fc12
2010-02-18 22:36:34

EPSS

0.001

Percentile

26.5%

JSON
Related for RHSA-2010:0125
nvd1openvas15cve1nessus12exploitdb1prion1centos2debiancve1oraclelinux2ubuntucve1cvelist1veracode1redhat1fedora2