oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

systemtap DoS issue (CVE-2010-0411)

From: Vincent Danen <vdanen () redhat com>
Date: Thu, 4 Feb 2010 11:02:28 -0700
Just a heads up that an issue in SystemTap was found where using the
__get_argv() function in tapset could result in a crash of the SystemTap
script that calls it (and syscall.execve) or, if it's running as root,
could lead to a hang/crash of the system running the script.

This flaw has been assigned CVE-2010-0411.  More details can be found
here:

https://bugzilla.redhat.com/show_bug.cgi?id=559719
http://sourceware.org/bugzilla/show_bug.cgi?id=11234

--
Vincent Danen / Red Hat Security Response Team
Previous By Date Next
Previous By Thread Next

Current thread: