CyberSec.Space Logo
Back to CVE Browser

CVE-2009-0784

MEDIUM
6.3
CVSS Severity Score
EPSS Score0.1470%
EPSS Percentile20.20th
PublishedMar 25, 2009
Last ModifiedApr 23, 2026

Vulnerability Description

Race condition in the SystemTap stap tool 0.0.20080705 and 0.0.20090314 allows local users in the stapusr group to insert arbitrary SystemTap kernel modules and gain privileges via unknown vectors.

Affected Platforms (CPE)

πŸ“¦
Systemtap

Systemtap

= 0.0.20080705
πŸ“¦
Systemtap

Systemtap

= 0.0.20090314
πŸ’»
Debian

Debian Linux

= 4.0
πŸ’»
Debian

Debian Linux

= 5.0

References & Advisories

πŸ”— http://secunia.com/advisories/34441
πŸ”— http://secunia.com/advisories/34479
πŸ”— http://secunia.com/advisories/34548
πŸ”— http://support.avaya.com/elmodocs2/security/ASA-2009-110.htm
πŸ”— http://www.debian.org/security/2009/dsa-1755
πŸ”— http://www.redhat.com/support/errata/RHSA-2009-0373.html
πŸ”— http://www.vupen.com/english/advisories/2009/0907
πŸ”— https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11613

Related Vulnerabilities

CVE-2009-427310.0

stap-server in SystemTap before 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in stap command...

CVE-2010-04127.5

stap-server in SystemTap 1.1 does not properly restrict the value of the -B (aka BUILD) option, which allows attackers to have an ...

CVE-2010-41707.2

The staprun runtime tool in SystemTap 1.3 does not properly clear the environment before executing modprobe, which allows local us...

CVE-2012-08755.4

SystemTap 1.7, 1.6.7, and probably other versions, when unprivileged mode is enabled, allows local users to obtain sensitive infor...