PT-2009-5261 · Systemtap · Systemtap

Jan Lieskovsky · Published 2009-10-22 · Updated 2024-06-15 · CVE-2009-2911

CVSS v2.0: 1.9 (Low)
Vector: AV:L/AC:M/Au:N/C:N/I:N/A:P
Name of the Vulnerable Software and Affected Versions: SystemTap version 1.0
Description: The issue allows local users to cause a denial of service or gain privileges via certain operations that trigger kernel stack overflows. This can be achieved through print operations with a large number of arguments or crafted DWARF expressions. Additionally, it can cause a denial of service via infinite loops triggered by the creation of large unwind tables, related to Common Information Entry (CIE) and Call Frame Instruction (CFI) records.
Recommendations: For SystemTap version 1.0, avoid using the --unprivileged option until a patch is available. As a temporary workaround, consider restricting the number of arguments in print operations and limiting the complexity of DWARF expressions to minimize the risk of exploitation.

Weakness Enumeration

Related Identifiers

CVE-2009-2911
OPENSUSE-SU-2024:10506-1

Affected Products

Systemtap