CVE-2011-2503

Published Jul 26, 2012

Last updated a year ago

CVSS info 3.7

Overview

Description: The insert_module function in runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate a module when loading it, which allows local users to gain privileges via a race condition between the signature validation and the module initialization.
Source: secalert@redhat.com
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 3.7
Impact score: 6.4
Exploitability score: 1.9
Vector string: AV:L/AC:H/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-20

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:systemtap:systemtap:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "44665B6E-F588-42BD-9901-268D4DD93BAF",
            "versionEndIncluding": "1.5"
          },
          {
            "criteria": "cpe:2.3:a:systemtap:systemtap:0.2.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "04AE85B6-FE8D-4DD1-BECE-6B7146CF9D73"
          },
          {
            "criteria": "cpe:2.3:a:systemtap:systemtap:0.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E150AE05-60B4-4ECE-AEFA-3A230DAEBCA5"
          },
          {
            "criteria": "cpe:2.3:a:systemtap:systemtap:0.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "36FBF185-3189-40C2-B51B-2531F2D88602"
          },
          {
            "criteria": "cpe:2.3:a:systemtap:systemtap:0.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C62AFF32-856E-4EF9-A87F-C06B6FEEE31F"
          },
          {
            "criteria": "cpe:2.3:a:systemtap:systemtap:0.5.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "57C746CB-8DFE-4795-931F-42050D7FBEB4"
          },
          {
            "criteria": "cpe:2.3:a:systemtap:systemtap:0.5.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "986B653D-5CF2-454C-A38F-172D2256E20C"
          },
          {
            "criteria": "cpe:2.3:a:systemtap:systemtap:0.5.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AF5E8C63-D68F-4ACA-B0DC-1D9EF6A3BFA3"
          },
          {
            "criteria": "cpe:2.3:a:systemtap:systemtap:0.5.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "BD56E555-180D-45C3-9311-EFB32F480035"
          },
          {
            "criteria": "cpe:2.3:a:systemtap:systemtap:0.5.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "74215553-AB86-4184-B3AB-D82B20275ED6"
          },
          {
            "criteria": "cpe:2.3:a:systemtap:systemtap:0.5.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5044754F-66CD-4D17-8874-7303D9F2DCE2"
          },
          {
            "criteria": "cpe:2.3:a:systemtap:systemtap:0.5.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DC674046-FC4F-4262-8F71-4DEECAEC1A1C"
          },
          {
            "criteria": "cpe:2.3:a:systemtap:systemtap:0.5.12:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7A621722-6DD4-461D-AD74-461B9C10C772"
          },
          {
            "criteria": "cpe:2.3:a:systemtap:systemtap:0.5.13:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9B5B77E9-F98C-4310-8D6A-E41A27CD559A"
          },
          {
            "criteria": "cpe:2.3:a:systemtap:systemtap:0.5.14:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "B6E9824F-8977-4CE6-BA05-E8899E41066E"
          },
          {
            "criteria": "cpe:2.3:a:systemtap:systemtap:0.6:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FF58A998-52F0-4BCA-9FF7-FCCC28E6FCE1"
          },
          {
            "criteria": "cpe:2.3:a:systemtap:systemtap:0.6.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C2327CA9-5A80-4C86-BAF6-A9E3BB7085C6"
          },
          {
            "criteria": "cpe:2.3:a:systemtap:systemtap:0.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6627D143-6E8D-40DE-BBD0-308FF1B200D6"
          },
          {
            "criteria": "cpe:2.3:a:systemtap:systemtap:0.7.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A1AE49CA-424E-4328-A348-98F2C847D8FC"
          },
          {
            "criteria": "cpe:2.3:a:systemtap:systemtap:0.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "19E88BF9-1403-40F9-A64E-A1FEFEFC4E2D"
          },
          {
            "criteria": "cpe:2.3:a:systemtap:systemtap:0.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3E12D5C4-4BC6-4802-B5CE-5D5A41FB3B71"
          },
          {
            "criteria": "cpe:2.3:a:systemtap:systemtap:0.9.5:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6FD4201A-64B5-4DCC-9696-BD0F8780D200"
          },
          {
            "criteria": "cpe:2.3:a:systemtap:systemtap:0.9.7:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C3FEDD7F-969D-422C-A899-9550EC52EBD7"
          },
          {
            "criteria": "cpe:2.3:a:systemtap:systemtap:0.9.8:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F37EBCB6-8056-466C-B2AB-385DF48EEA8F"
          },
          {
            "criteria": "cpe:2.3:a:systemtap:systemtap:0.9.9:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "0D795EA7-04FC-4D0E-9944-6C9D4882A897"
          },
          {
            "criteria": "cpe:2.3:a:systemtap:systemtap:1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7C36C437-D28D-452A-BAF0-4A618A61920B"
          },
          {
            "criteria": "cpe:2.3:a:systemtap:systemtap:1.1:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5AB898A5-C8EF-4BBA-B480-00461218FC3B"
          },
          {
            "criteria": "cpe:2.3:a:systemtap:systemtap:1.2:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D06D7E42-666F-43CE-8BE3-0EE915450CC0"
          },
          {
            "criteria": "cpe:2.3:a:systemtap:systemtap:1.3:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3D031679-0C77-4645-B488-DA29BB81FA39"
          },
          {
            "criteria": "cpe:2.3:a:systemtap:systemtap:1.4:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CE5CA99B-6DED-4395-BFE0-C8DB7F504AF0"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References