Oval Definition:oval:com.redhat.rhsa:def:20111089
Revision Date:2011-07-25Version:636
Title:RHSA-2011:1089: systemtap security update (Moderate)
Description:SystemTap is an instrumentation system for systems running the Linux kernel. The system allows developers to write scripts to collect data on the operation of the system.

  • A race condition flaw was found in the way the staprun utility performed module loading. A local user who is a member of the stapusr group could use this flaw to modify a signed module while it is being loaded, allowing them to escalate their privileges. (CVE-2011-2503)

    SystemTap users should upgrade to these updated packages, which contain a backported patch to correct this issue.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2011-2503
    RHSA-2011:1089
    RHSA-2011:1089-01
    RHSA-2011:1089-01
    Platform(s):Red Hat Enterprise Linux 5
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 5 is installed
  • AND
  • systemtap is earlier than 0:1.3-9.el5
  • AND systemtap is signed with Red Hat redhatrelease2 key
  • systemtap-client is earlier than 0:1.3-9.el5
  • AND systemtap-client is signed with Red Hat redhatrelease2 key
  • systemtap-initscript is earlier than 0:1.3-9.el5
  • AND systemtap-initscript is signed with Red Hat redhatrelease2 key
  • systemtap-runtime is earlier than 0:1.3-9.el5
  • AND systemtap-runtime is signed with Red Hat redhatrelease2 key
  • systemtap-sdt-devel is earlier than 0:1.3-9.el5
  • AND systemtap-sdt-devel is signed with Red Hat redhatrelease2 key
  • systemtap-server is earlier than 0:1.3-9.el5
  • AND systemtap-server is signed with Red Hat redhatrelease2 key
  • systemtap-testsuite is earlier than 0:1.3-9.el5
  • AND systemtap-testsuite is signed with Red Hat redhatrelease2 key
    • BACK