Vulnerability Description
SystemTap 1.4 and earlier, when unprivileged (aka stapusr) mode is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) via a crafted ELF program with DWARF expressions that are not properly handled by a stap script that performs context variable access.
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Systemtap | Systemtap | <= 1.4 |
Related Weaknesses (CWE)
References
- http://openwall.com/lists/oss-security/2011/05/20/2Patch
- http://secunia.com/advisories/44802
- http://sourceware.org/git/?p=systemtap.git%3Ba=commit%3Bh=fa2e3415185a28542d419a
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:154
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:155
- http://www.securityfocus.com/bid/47934
- https://bugzilla.redhat.com/show_bug.cgi?id=702687Patch
- https://rhn.redhat.com/errata/RHSA-2011-0842.html
- http://openwall.com/lists/oss-security/2011/05/20/2Patch
- http://secunia.com/advisories/44802
- http://sourceware.org/git/?p=systemtap.git%3Ba=commit%3Bh=fa2e3415185a28542d419a
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:154
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:155
- http://www.securityfocus.com/bid/47934
- https://bugzilla.redhat.com/show_bug.cgi?id=702687Patch
FAQ
What is CVE-2011-1769?
CVE-2011-1769 is a vulnerability with a CVSS score of 1.2 (LOW). SystemTap 1.4 and earlier, when unprivileged (aka stapusr) mode is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) via a crafted ELF program with DWARF express...
How severe is CVE-2011-1769?
CVE-2011-1769 has been rated LOW with a CVSS base score of 1.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-1769?
Check the references section above for vendor advisories and patch information. Affected products include: Systemtap Systemtap.