CyberSec.Space Logo
返回 CVE 浏览器

CVE-2012-0875

MEDIUM
5.4
CVSS Severity Score
EPSS Score0.0600%
EPSS Percentile15.12th
Published2014年2月4日
Last Modified2026年4月29日

Vulnerability Description

SystemTap 1.7, 1.6.7, and probably other versions, when unprivileged mode is enabled, allows local users to obtain sensitive information from kernel memory or cause a denial of service (kernel panic and crash) via vectors related to crafted DWARF data, which triggers a read of an invalid pointer.

Affected Platforms (CPE)

📦
Systemtap

Systemtap

= 1.6.7
📦
Systemtap

Systemtap

= 1.7

References & Advisories

🔗 http://lists.opensuse.org/opensuse-updates/2013-03/msg00057.html
🔗 http://permalink.gmane.org/gmane.comp.security.oss.general/6987
🔗 http://rhn.redhat.com/errata/RHSA-2012-0376.html
🔗 http://securitytracker.com/id?1026777
🔗 http://sourceware.org/bugzilla/show_bug.cgi?id=13714
🔗 http://sourceware.org/git/?p=systemtap.git%3Ba=commit%3Bh=64b0cff3b
🔗 http://lists.opensuse.org/opensuse-updates/2013-03/msg00057.html
🔗 http://permalink.gmane.org/gmane.comp.security.oss.general/6987

相关漏洞威胁

CVE-2009-427310.0

stap-server in SystemTap before 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in stap command...

CVE-2010-04127.5

stap-server in SystemTap 1.1 does not properly restrict the value of the -B (aka BUILD) option, which allows attackers to have an ...

CVE-2010-41707.2

The staprun runtime tool in SystemTap 1.3 does not properly clear the environment before executing modprobe, which allows local us...

CVE-2009-07846.3

Race condition in the SystemTap stap tool 0.0.20080705 and 0.0.20090314 allows local users in the stapusr group to insert arbitrar...