Red Hat Bugzilla – Bug 716476
CVE-2011-2502 systemtap: insufficient security check when loading uprobes kernel module
Last modified: 2016-11-08 11:27:42 EST
It was found that systemtap runtime tool (staprun) did not properly enforce
the module's path sanity check, when the ad-hoc module instrumentation via
user-space probing with user-specified module path was requested. A local
user, member of the 'stapusr' group could use this flaw to escalate their
This issue did NOT affect the versions of the systemtap package, as shipped
with Red Hat Enterprise Linux 4 and 5 as they do not provide support for
loading of user-space probing modules from user-specified locations yet.
This issue affects the version of the systemtap package, as shipped with
Red Hat Enterprise Linux 6.
This issue affects the versions of the systemtap package, as shipped with
Fedora release of 14 and 15.
Created attachment 509874 [details]
Don't allow path-based auth for uprobes
Created systemtap tracking bugs for this issue
Affects: fedora-all [bug 725578]
This issue has been addressed in following products:
Red Hat Enterprise Linux 6
Via RHSA-2011:1088 https://rhn.redhat.com/errata/RHSA-2011-1088.html