CVE Tools

systemtap

Operating Systemsoss-project

11

Cumulative CVEs

7

Monthly snapshots

#45

Peak rank

Top products

Latest CVEs

The 12 most recently published vulnerabilities affecting systemtap.

CVE-2012-0875SystemTap 1.7, 1.6.7, and probably other versions, when unprivileged mode is enabled, allows local users to obtain sensitive information from kernel memory or cause a denial of service (kernel pani...5.4Feb 4, 2014
CVE-2011-2503The insert_module function in runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate a module when loading it, which allows local...3.7Jul 26, 2012
CVE-2011-2502runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate modules when a module path is specified by a user for user-space probing, ...4.4Jul 26, 2012
CVE-2011-1781SystemTap 1.4, when unprivileged (aka stapusr) mode is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) via a crafted ELF program with DWARF expressions that...1.2Aug 29, 2011
CVE-2011-1769SystemTap 1.4 and earlier, when unprivileged (aka stapusr) mode is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) via a crafted ELF program with DWARF expr...1.2Aug 29, 2011
CVE-2010-4171The staprun runtime tool in SystemTap 1.3 does not verify that a module to unload was previously loaded by SystemTap, which allows local users to cause a denial of service (unloading of arbitrary k...2.1Dec 7, 2010
CVE-2010-4170The staprun runtime tool in SystemTap 1.3 does not properly clear the environment before executing modprobe, which allows local users to gain privileges by setting the MODPROBE_OPTIONS environment ...7.2Dec 7, 2010
CVE-2010-0412stap-server in SystemTap 1.1 does not properly restrict the value of the -B (aka BUILD) option, which allows attackers to have an unspecified impact via vectors associated with executing the make p...7.5Feb 25, 2010
CVE-2010-0411Multiple integer signedness errors in the (1) __get_argv and (2) __get_compat_argv functions in tapset/aux_syscalls.stp in SystemTap 1.1 allow local users to cause a denial of service (script crash...4.9Feb 8, 2010
CVE-2009-4273stap-server in SystemTap before 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in stap command-line arguments in a request.10.0Jan 26, 2010
CVE-2009-2911SystemTap 1.0, when the --unprivileged option is used, does not properly restrict certain data sizes, which allows local users to (1) cause a denial of service or gain privileges via a print operat...1.9Oct 22, 2009
CVE-2009-0784Race condition in the SystemTap stap tool 0.0.20080705 and 0.0.20090314 allows local users in the stapusr group to insert arbitrary SystemTap kernel modules and gain privileges via unknown vectors.6.3Mar 25, 2009