Lucene search

K

Veracode Vulnerability DatabaseVERACODE:24663

HistoryApr 10, 2020 - 1:01 a.m.

Privilege Escalation

2020-04-1001:01:04

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

8

EPSS

0

Percentile

5.1%

systemtap is vulnerable to privilege escalation. The vulnerability exists as a race condition flaw was found in the way the staprun utility performed module loading. A local user who is a member of the stapusr group could use this flaw to modify a signed module while it is being loaded, allowing them to escalate their privileges.

References

secunia.com/advisories/45377

secunia.com/advisories/46920

sources.redhat.com/git/gitweb.cgi?p=systemtap.git;a=blob;f=NEWS;hb=304d73b1fea24af791f2a129fb141c5009eae6a8

sources.redhat.com/git/gitweb.cgi?p=systemtap.git;a=commitdiff;h=ed51cfa24ca27746ab09b59280b94117dd58cba3

www.debian.org/security/2011/dsa-2348

access.redhat.com/errata/RHSA-2011:1089

access.redhat.com/security/updates/classification/#moderate

bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2503

EPSS

0

Percentile

5.1%

Related for VERACODE:24663

nessus11 openvas18 nvd1 oraclelinux2 prion1 ubuntucve1 cvelist1 cve1 centos1 redhat2 debiancve1 fedora3 debian1 osv1