Vulnerability Description
SystemTap 1.4, when unprivileged (aka stapusr) mode is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) via a crafted ELF program with DWARF expressions that are not properly handled by a stap script that performs stack unwinding (aka backtracing).
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Systemtap | Systemtap | 1.4 |
Related Weaknesses (CWE)
References
- http://openwall.com/lists/oss-security/2011/05/20/2
- http://secunia.com/advisories/44802
- http://sourceware.org/git/?p=systemtap.git%3Ba=commit%3Bh=fa2e3415185a28542d419a
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:155
- http://www.securityfocus.com/bid/47934
- https://bugzilla.redhat.com/show_bug.cgi?id=702687
- https://rhn.redhat.com/errata/RHSA-2011-0842.html
- http://openwall.com/lists/oss-security/2011/05/20/2
- http://secunia.com/advisories/44802
- http://sourceware.org/git/?p=systemtap.git%3Ba=commit%3Bh=fa2e3415185a28542d419a
- http://www.mandriva.com/security/advisories?name=MDVSA-2011:155
- http://www.securityfocus.com/bid/47934
- https://bugzilla.redhat.com/show_bug.cgi?id=702687
- https://rhn.redhat.com/errata/RHSA-2011-0842.html
FAQ
What is CVE-2011-1781?
CVE-2011-1781 is a vulnerability with a CVSS score of 1.2 (LOW). SystemTap 1.4, when unprivileged (aka stapusr) mode is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) via a crafted ELF program with DWARF expressions that ar...
How severe is CVE-2011-1781?
CVE-2011-1781 has been rated LOW with a CVSS base score of 1.2/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2011-1781?
Check the references section above for vendor advisories and patch information. Affected products include: Systemtap Systemtap.