Описание
runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate modules when a module path is specified by a user for user-space probing, which allows local users in the stapusr group to gain privileges via a crafted module in the search path in the -u argument.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 2.2.1-1 |
| hardy | ignored | end of life |
| lucid | not-affected | code not present |
| maverick | ignored | end of life |
| natty | ignored | end of life |
| oneiric | ignored | end of life |
| precise | not-affected | 1.6-1ubuntu1 |
| quantal | not-affected | 1.7-1ubuntu1 |
| raring | not-affected | 2.1-1~experimental1 |
| upstream | released | 1.6-1 |
Показывать по
EPSS
4.4 Medium
CVSS2
Связанные уязвимости
runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate modules when a module path is specified by a user for user-space probing, which allows local users in the stapusr group to gain privileges via a crafted module in the search path in the -u argument.
runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate modules when a module path is specified by a user for user-space probing, which allows local users in the stapusr group to gain privileges via a crafted module in the search path in the -u argument.
runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun ...
runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate modules when a module path is specified by a user for user-space probing, which allows local users in the stapusr group to gain privileges via a crafted module in the search path in the -u argument.
EPSS
4.4 Medium
CVSS2