Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2009-2911

SystemTap 1.0, when the --unprivileged option is used, does not properly restrict certain data sizes, which allows local users to (1) cause a denial of service or gain privileges via a print operation with a large number of arguments that trigger a kernel stack overflow, (2) cause a denial of service via crafted DWARF expressions that trigger a kernel stack frame overflow, or (3) cause a denial of service (infinite loop) via vectors that trigger creation of large unwind tables, related to Common Information Entry (CIE) and Call Frame Instruction (CFI) records.

Related bugs and status

CVE-2009-2911 (Candidate) is related to these bugs:

Bug #1203590: [MIR] systemtap

Summary				In	Importance	Status
	1203590	[MIR] systemtap		systemtap (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://gcc.gnu.org/bug...
MISC: http://www.securityfoc...
MISC: http://secunia.com/adv...
MISC: http://www.vupen.com/e...
MISC: https://www.redhat.com...
MISC: https://www.redhat.com...
MISC: https://bugzilla.redha...
MISC: http://www.openwall.co...
MISC: http://sources.redhat....