Описание
The insert_module function in runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate a module when loading it, which allows local users to gain privileges via a race condition between the signature validation and the module initialization.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 4 | systemtap | Will not fix | ||
| Red Hat Enterprise Linux 5 | systemtap | Fixed | RHSA-2011:1089 | 25.07.2011 |
| Red Hat Enterprise Linux 6 | systemtap | Fixed | RHSA-2011:1088 | 25.07.2011 |
Показывать по
Дополнительная информация
Статус:
EPSS
6 Medium
CVSS2
Связанные уязвимости
The insert_module function in runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate a module when loading it, which allows local users to gain privileges via a race condition between the signature validation and the module initialization.
The insert_module function in runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate a module when loading it, which allows local users to gain privileges via a race condition between the signature validation and the module initialization.
The insert_module function in runtime/staprun/staprun_funcs.c in the s ...
The insert_module function in runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate a module when loading it, which allows local users to gain privileges via a race condition between the signature validation and the module initialization.
EPSS
6 Medium
CVSS2