First published: Thu Oct 15 2009
Multiple denial of service flaws were found in the SystemTap instrumentation system when the --unprivileged mode was activated:

a, Kernel stack overflow allows local attackers to cause a denial of service or execute arbitrary code via a large number of parameters provided to the print* call.

b, Kernel stack frame overflow allows local attackers to cause a denial of service via specially-crafted user-provided DWARF information.

c, Absent check(s) for the upper bound of the size of the unwind table and for the upper bound of the size of each of the CIE/CFI records could allow an attacker to cause a denial of service (infinite loop).

References:
-----------
http://sources.redhat.com/bugzilla/show_bug.cgi?id=10750
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=41633

Issue severity note:
--------------------
The --unprivileged mode needs to be activated by a privileged user before an unprivileged user could exploit these flaws. SystemTap 1.0 in the default configuration is not shipped with the --unprivileged mode activated, so it is NOT vulnerable to these flaws.

Information about vulnerable versions:
--------------------------------------
These issues do NOT affect the versions of the SystemTap instrumentation system as shipped with Red Hat Enterprise Linux 4 and 5.

These issues affect the versions of the SystemTap instrumentation system as shipped with Fedora releases 10 and 11. See also the severity note above.
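Item c above concerns missing upper-bound checks on the unwind table size and on each CIE/CFI record size. The following C example is added here for illustration and is not SystemTap's code: it walks a table of length-prefixed records with both bounds enforced so the loop always terminates. The limits, the function name and the sample bytes are assumptions constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical limits chosen for this example, not taken from SystemTap. */
#define MAX_UNWIND_TABLE_SIZE (1u << 20)  /* cap on the whole table */
#define MAX_RECORD_SIZE       (1u << 12)  /* cap on one CIE/FDE record */

/* Constructed samples: 32-bit little-endian length, then the record body. */
static const uint8_t sample_ok[] = {4,0,0,0, 1,2,3,4, 4,0,0,0, 5,6,7,8, 0,0,0,0};
static const uint8_t sample_oversized[] = {0,0x20,0,0, 1,2,3,4}; /* len 8192 */
static const uint8_t sample_overrun[] = {8,0,0,0, 1,2};   /* len > remaining */

/*
 * Count the length-prefixed records in a call-frame-information style table.
 * Returns the record count, or -1 if any bound is violated.
 */
int count_cfi_records(const uint8_t *table, size_t table_size)
{
    size_t off = 0;
    int count = 0;

    if (table == NULL || table_size > MAX_UNWIND_TABLE_SIZE)
        return -1;                     /* upper bound on the table size */

    while (off < table_size) {
        const uint8_t *p = table + off;
        uint32_t len;

        if (table_size - off < 4)
            return -1;                 /* truncated length field */
        len = (uint32_t)p[0] | (uint32_t)p[1] << 8 |
              (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
        off += 4;

        if (len == 0)
            break;                     /* zero length: terminator, as in .eh_frame */
        if (len > MAX_RECORD_SIZE || len > table_size - off)
            return -1;                 /* record too large or past table end */
        off += len;                    /* progress of at least 5 bytes per pass */
        count++;
    }
    return count;
}

int main(void)
{
    printf("%d\n", count_cfi_records(sample_ok, sizeof sample_ok));
    printf("%d\n", count_cfi_records(sample_oversized, sizeof sample_oversized));
    printf("%d\n", count_cfi_records(sample_overrun, sizeof sample_overrun));
    return 0;
}
```

Because every pass either returns, breaks, or advances the offset by at least five bytes within a capped table, the walk cannot loop indefinitely on attacker-supplied lengths.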
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Systemtap Systemtap | =1.0 |