Systemtap

systemtap

Vendor: Systemtap • 12 CVEs

CVEs (12)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2012-0875 1Systemtap 1Systemtap Apr 29, 2026 Feb 4, 2014 N/A· v4 N/A· v3 5.4 MEDIUM· v2 SystemTap 1.7, 1.6.7, and probably other versions, when unprivileged mode is enabled, allows local users to obtain sensitive information from kernel memory or cause a denial of service (kernel panic and crash) via vector...Show more SystemTap 1.7, 1.6.7, and probably other versions, when unprivileged mode is enabled, allows local users to obtain sensitive information from kernel memory or cause a denial of service (kernel panic and crash) via vectors related to crafted DWARF data, which triggers a read of an invalid pointer.Show less
CVE-2011-2503 1Systemtap 1Systemtap Apr 29, 2026 Jul 26, 2012 N/A· v4 N/A· v3 3.7 LOW· v2 The insert_module function in runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate a module when loading it, which allows local users to gain privileg...Show more The insert_module function in runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate a module when loading it, which allows local users to gain privileges via a race condition between the signature validation and the module initialization.Show less
CVE-2011-2502 1Systemtap 1Systemtap Apr 29, 2026 Jul 26, 2012 N/A· v4 N/A· v3 4.4 MEDIUM· v2 runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate modules when a module path is specified by a user for user-space probing, which allows local user...Show more runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate modules when a module path is specified by a user for user-space probing, which allows local users in the stapusr group to gain privileges via a crafted module in the search path in the -u argument.Show less
CVE-2011-1781 1Systemtap 1Systemtap Apr 29, 2026 Aug 29, 2011 N/A· v4 N/A· v3 1.2 LOW· v2 SystemTap 1.4, when unprivileged (aka stapusr) mode is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) via a crafted ELF program with DWARF expressions that are not properly handl...Show more SystemTap 1.4, when unprivileged (aka stapusr) mode is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) via a crafted ELF program with DWARF expressions that are not properly handled by a stap script that performs stack unwinding (aka backtracing).Show less
CVE-2011-1769 1Systemtap 1Systemtap Apr 29, 2026 Aug 29, 2011 N/A· v4 N/A· v3 1.2 LOW· v2 SystemTap 1.4 and earlier, when unprivileged (aka stapusr) mode is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) via a crafted ELF program with DWARF expressions that are not pr...Show more SystemTap 1.4 and earlier, when unprivileged (aka stapusr) mode is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) via a crafted ELF program with DWARF expressions that are not properly handled by a stap script that performs context variable access.Show less
CVE-2010-4171 1Systemtap 1Systemtap Apr 29, 2026 Dec 7, 2010 N/A· v4 N/A· v3 2.1 LOW· v2 The staprun runtime tool in SystemTap 1.3 does not verify that a module to unload was previously loaded by SystemTap, which allows local users to cause a denial of service (unloading of arbitrary kernel modules).
CVE-2010-4170 1Systemtap 1Systemtap Apr 29, 2026 Dec 7, 2010 N/A· v4 N/A· v3 7.2 HIGH· v2 The staprun runtime tool in SystemTap 1.3 does not properly clear the environment before executing modprobe, which allows local users to gain privileges by setting the MODPROBE_OPTIONS environment variable to specify a m...Show more The staprun runtime tool in SystemTap 1.3 does not properly clear the environment before executing modprobe, which allows local users to gain privileges by setting the MODPROBE_OPTIONS environment variable to specify a malicious configuration file.Show less
CVE-2010-0412 1Systemtap 1Systemtap Apr 29, 2026 Feb 25, 2010 N/A· v4 N/A· v3 7.5 HIGH· v2 stap-server in SystemTap 1.1 does not properly restrict the value of the -B (aka BUILD) option, which allows attackers to have an unspecified impact via vectors associated with executing the make program, a different vul...Show more stap-server in SystemTap 1.1 does not properly restrict the value of the -B (aka BUILD) option, which allows attackers to have an unspecified impact via vectors associated with executing the make program, a different vulnerability than CVE-2009-4273.Show less
CVE-2010-0411 1Systemtap 1Systemtap Apr 29, 2026 Feb 8, 2010 N/A· v4 N/A· v3 4.9 MEDIUM· v2 Multiple integer signedness errors in the (1) __get_argv and (2) __get_compat_argv functions in tapset/aux_syscalls.stp in SystemTap 1.1 allow local users to cause a denial of service (script crash, or system crash or ha...Show more Multiple integer signedness errors in the (1) __get_argv and (2) __get_compat_argv functions in tapset/aux_syscalls.stp in SystemTap 1.1 allow local users to cause a denial of service (script crash, or system crash or hang) via a process with a large number of arguments, leading to a buffer overflow.Show less
CVE-2009-4273 1Systemtap 1Systemtap Apr 29, 2026 Jan 26, 2010 N/A· v4 N/A· v3 10.0 HIGH· v2 stap-server in SystemTap before 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in stap command-line arguments in a request.
CVE-2009-2911 1Systemtap 1Systemtap Apr 23, 2026 Oct 22, 2009 N/A· v4 N/A· v3 1.9 LOW· v2 SystemTap 1.0, when the --unprivileged option is used, does not properly restrict certain data sizes, which allows local users to (1) cause a denial of service or gain privileges via a print operation with a large number...Show more SystemTap 1.0, when the --unprivileged option is used, does not properly restrict certain data sizes, which allows local users to (1) cause a denial of service or gain privileges via a print operation with a large number of arguments that trigger a kernel stack overflow, (2) cause a denial of service via crafted DWARF expressions that trigger a kernel stack frame overflow, or (3) cause a denial of service (infinite loop) via vectors that trigger creation of large unwind tables, related to Common Information Entry (CIE) and Call Frame Instruction (CFI) records.Show less
CVE-2009-0784 2Debian Systemtap 2Debian Linux Systemtap Apr 23, 2026 Mar 25, 2009 N/A· v4 N/A· v3 6.3 MEDIUM· v2 Race condition in the SystemTap stap tool 0.0.20080705 and 0.0.20090314 allows local users in the stapusr group to insert arbitrary SystemTap kernel modules and gain privileges via unknown vectors.