Vulnerability Description
Multiple integer signedness errors in the (1) __get_argv and (2) __get_compat_argv functions in tapset/aux_syscalls.stp in SystemTap 1.1 allow local users to cause a denial of service (script crash, or system crash or hang) via a process with a large number of arguments, leading to a buffer overflow.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Systemtap | Systemtap | 1.1 |
Related Weaknesses (CWE)
References
- http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035201.h
- http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035261.h
- http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html
- http://marc.info/?l=oss-security&m=126530657715364&w=2
- http://secunia.com/advisories/38426Vendor Advisory
- http://secunia.com/advisories/38680
- http://secunia.com/advisories/38765
- http://secunia.com/advisories/38817
- http://secunia.com/advisories/39656
- http://securitytracker.com/id?1023664
- http://sourceware.org/bugzilla/show_bug.cgi?id=11234
- http://sourceware.org/git/gitweb.cgi?p=systemtap.git%3Ba=commit%3Bh=a2d399c87a64
- http://www.redhat.com/support/errata/RHSA-2010-0124.html
- http://www.redhat.com/support/errata/RHSA-2010-0125.html
- http://www.securityfocus.com/bid/38120Exploit
FAQ
What is CVE-2010-0411?
CVE-2010-0411 is a vulnerability with a CVSS score of 4.9 (MEDIUM). Multiple integer signedness errors in the (1) __get_argv and (2) __get_compat_argv functions in tapset/aux_syscalls.stp in SystemTap 1.1 allow local users to cause a denial of service (script crash, o...
How severe is CVE-2010-0411?
CVE-2010-0411 has been rated MEDIUM with a CVSS base score of 4.9/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-0411?
Check the references section above for vendor advisories and patch information. Affected products include: Systemtap Systemtap.