Lucene search

K

Veracode Vulnerability DatabaseVERACODE:24627

HistoryApr 10, 2020 - 12:59 a.m.

Denial Of Service (DoS)

2020-04-1000:59:31

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

9

EPSS

0

Percentile

5.1%

systemtap is vulnerable to denial of service. A divide-by-zero flaw was found in the way SystemTap handled malformed debugging information in DWARF format. When SystemTap unprivileged mode was enabled, an unprivileged user in the stapusr group could use this flaw to crash the system. Additionally, a privileged user (root, or a member of the stapdev group) could trigger this flaw when tricked into instrumenting a specially-crafted ELF binary, even when unprivileged mode was not enabled.

References

openwall.com/lists/oss-security/2011/05/20/2

secunia.com/advisories/44802

sourceware.org/git/?p=systemtap.git%3Ba=commit%3Bh=fa2e3415185a28542d419a641ecd6cddd52e3cd9

sourceware.org/git/?p=systemtap.git;a=commit;h=fa2e3415185a28542d419a641ecd6cddd52e3cd9

www.mandriva.com/security/advisories?name=MDVSA-2011:154

www.mandriva.com/security/advisories?name=MDVSA-2011:155

www.securityfocus.com/bid/47934

access.redhat.com/errata/RHSA-2011:0841

access.redhat.com/security/updates/classification/#moderate

bugzilla.redhat.com/show_bug.cgi?id=702687

rhn.redhat.com/errata/RHSA-2011-0842.html

EPSS

0

Percentile

5.1%

Related for VERACODE:24627

debiancve1 cvelist1 nessus12 oraclelinux2 ubuntucve1 nvd1 openvas16 centos1 prion1 cve1 redhat2 fedora3 securityvulns2