PT-2011-1123 · Red Hat · Systemtap
Published: 2011-05-31 · Updated: 2023-02-13 · CVE-2011-1769
CVSS v2.0: 1.2 (Low)
Vector: AV:L/AC:H/Au:N/C:N/I:N/A:P
Name of the Vulnerable Software and Affected Versions
SystemTap versions 1.4 and earlier
Description
The issue allows local users to cause a denial of service via a crafted ELF program with DWARF expressions that are not properly handled by a stap script, leading to a divide-by-zero error and an OOPS. This can disrupt the availability of protected information. Exploitation is carried out locally.
Recommendations
For SystemTap versions 1.4 and earlier, as a temporary workaround, consider disabling the stap script that performs context variable access until a patch is available. Restrict access to the SystemTap functionality to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
DoS
Affected Products
Red Hat
Systemtap