CVE-2010-0411

2010-02-08 21:30:01 2017-09-19 03:30:22

Multiple integer signedness errors in the (1) __get_argv and (2) __get_compat_argv functions in tapset/aux_syscalls.stp in SystemTap 1.1 allow local users to cause a denial of service (script crash, or system crash or hang) via a process with a large number of arguments, leading to a buffer overflow.

Vector

LOCAL

Complexity

LOW

Authentication

NONE

Confidentiality

NONE

Integrity

NONE

Availability

COMPLETE

SystemTap 1.1

Systemtap - Systemtap

Advisory	Patch	Confirmed	Link
			https://bugzilla.redhat.com/show_bug.cgi?id=559719
			ADV-2010-1001
			38120
			RHSA-2010:0124
			RHSA-2010:0125
			http://sourceware.org/git/gitweb.cgi?p=systemtap.git;a=c...
			http://sourceware.org/bugzilla/show_bug.cgi?id=11234
			1023664
			[oss-security] 20100204 systemtap DoS issue (CVE-2010-04...
			SUSE-SR:2010:010
			FEDORA-2010-1720
			FEDORA-2010-1373

CVE-2010-0411

2010-02-08 21:30:01 2017-09-19 03:30:22

Vector

Complexity

Authentication

Confidentiality

Integrity

Availability

Numeric Errors (ID 189)