SciLinux: CVE-2009-0784 Moderate: systemtap SL4.x, SL5.x i386/x86

Date:         Mon, 13 Apr 2009 12:28:09 -0500
Reply-To:     Troy Dawson 
Sender:       Security Errata for Scientific Linux
              
From:         Troy Dawson 
Subject:      Security ERRATA Moderate: systemtap on SL4.x, SL5.x i386/x86_64
Comments: To: "scientific-linux-errata@fnal.gov"
          

Synopsis:	Moderate: systemtap security update
Issue date:	2009-03-26
CVE Names:	CVE-2009-0784

A race condition was discovered in SystemTap that could allow users in the
stapusr group to elevate privileges to that of members of the stapdev group
(and hence root), bypassing directory confinement restrictions and allowing
them to insert arbitrary SystemTap kernel modules. (CVE-2009-0784)

SL 4.x

      SRPMS:
systemtap-0.6.2-2.el4_7.src.rpm
      i386:
systemtap-0.6.2-2.el4_7.i386.rpm
systemtap-runtime-0.6.2-2.el4_7.i386.rpm
systemtap-testsuite-0.6.2-2.el4_7.i386.rpm
      x86_64:
systemtap-0.6.2-2.x86_64.rpm
systemtap-runtime-0.6.2-2.x86_64.rpm
systemtap-testsuite-0.6.2-2.x86_64.rpm

SL 5.x

      SRPMS:
systemtap-0.7.2-3.el5_3.src.rpm
      i386:
systemtap-0.7.2-3.el5_3.i386.rpm
systemtap-client-0.7.2-3.el5_3.i386.rpm
systemtap-runtime-0.7.2-3.el5_3.i386.rpm
systemtap-server-0.7.2-3.el5_3.i386.rpm
systemtap-testsuite-0.7.2-3.el5_3.i386.rpm
   Dependancies:
elfutils-0.137-3.el5.i386.rpm
elfutils-devel-0.137-3.el5.i386.rpm
elfutils-devel-static-0.137-3.el5.i386.rpm
elfutils-libelf-0.137-3.el5.i386.rpm
elfutils-libelf-devel-0.137-3.el5.i386.rpm
elfutils-libelf-devel-static-0.137-3.el5.i386.rpm
elfutils-libs-0.137-3.el5.i386.rpm
      x86_64:
systemtap-0.7.2-3.el5_3.x86_64.rpm
systemtap-client-0.7.2-3.el5_3.x86_64.rpm
systemtap-runtime-0.7.2-3.el5_3.x86_64.rpm
systemtap-server-0.7.2-3.el5_3.x86_64.rpm
systemtap-testsuite-0.7.2-3.el5_3.x86_64.rpm
   Dependancies:
elfutils-0.137-3.el5.x86_64.rpm
elfutils-devel-0.137-3.el5.i386.rpm
elfutils-devel-0.137-3.el5.x86_64.rpm
elfutils-devel-static-0.137-3.el5.i386.rpm
elfutils-devel-static-0.137-3.el5.x86_64.rpm
elfutils-libelf-0.137-3.el5.i386.rpm
elfutils-libelf-0.137-3.el5.x86_64.rpm
elfutils-libelf-devel-0.137-3.el5.i386.rpm
elfutils-libelf-devel-0.137-3.el5.x86_64.rpm
elfutils-libelf-devel-static-0.137-3.el5.i386.rpm
elfutils-libelf-devel-static-0.137-3.el5.x86_64.rpm
elfutils-libs-0.137-3.el5.i386.rpm
elfutils-libs-0.137-3.el5.x86_64.rpm

-Connie Sieh
-Troy Dawson

Date: Mon, 13 Apr 2009 12:28:09 -0500Reply-To: Troy Dawson Sender: Security Errata for Scientific Linux From: Troy Dawson Subject: Security ERRATA Moderate: systemtap on SL4.x, SL5.x i386/x86_64Comments: To: "scientific-linux-errata@fnal.gov" Synopsis: Moderate: systemtap security updateIssue date: 2009-03-26CVE Names: CVE-2009-0784A race condition was discovered in SystemTap that could allow users in thestapusr group to elevate privileges to that of members of the stapdev group(and hence root), bypassing directory confinement restrictions and allowingthem to insert arbitrary SystemTap kernel modules. (CVE-2009-0784)SL 4.x SRPMS:systemtap-0.6.2-2.el4_7.src.rpm i386:systemtap-0.6.2-2.el4_7.i386.rpmsystemtap-runtime-0.6.2-2.el4_7.i386.rpmsystemtap-testsuite-0.6.2-2.el4_7.i386.rpm x86_64:systemtap-0.6.2-2.x86_64.rpmsystemtap-runtime-0.6.2-2.x86_64.rpmsystemtap-testsuite-0.6.2-2.x86_64.rpmSL 5.x SRPMS:systemtap-0.7.2-3.el5_3.src.rpm i386:systemtap-0.7.2-3.el5_3.i386.rpmsystemtap-client-0.7.2-3.el5_3.i386.rpmsystemtap-runtime-0.7.2-3.el5_3.i386.rpmsystemtap-server-0.7.2-3.el5_3.i386.rpmsystemtap-testsuite-0.7.2-3.el5_3.i386.rpm Dependancies:elfutils-0.137-3.el5.i386.rpmelfutils-devel-0.137-3.el5.i386.rpmelfutils-devel-static-0.137-3.el5.i386.rpmelfutils-libelf-0.137-3.el5.i386.rpmelfutils-libelf-devel-0.137-3.el5.i386.rpmelfutils-libelf-devel-static-0.137-3.el5.i386.rpmelfutils-libs-0.137-3.el5.i386.rpm x86_64:systemtap-0.7.2-3.el5_3.x86_64.rpmsystemtap-client-0.7.2-3.el5_3.x86_64.rpmsystemtap-runtime-0.7.2-3.el5_3.x86_64.rpmsystemtap-server-0.7.2-3.el5_3.x86_64.rpmsystemtap-testsuite-0.7.2-3.el5_3.x86_64.rpm Dependancies:elfutils-0.137-3.el5.x86_64.rpmelfutils-devel-0.137-3.el5.i386.rpmelfutils-devel-0.137-3.el5.x86_64.rpmelfutils-devel-static-0.137-3.el5.i386.rpmelfutils-devel-static-0.137-3.el5.x86_64.rpmelfutils-libelf-0.137-3.el5.i386.rpmelfutils-libelf-0.137-3.el5.x86_64.rpmelfutils-libelf-devel-0.137-3.el5.i386.rpmelfutils-libelf-devel-0.137-3.el5.x86_64.rpmelfutils-libelf-devel-static-0.137-3.el5.i386.rpmelfutils-libelf-devel-static-0.137-3.el5.x86_64.rpmelfutils-libs-0.137-3.el5.i386.rpmelfutils-libs-0.137-3.el5.x86_64.rpm-Connie Sieh-Troy Dawson

What Are You Looking For?

SciLinux: CVE-2009-0784 Moderate: systemtap SL4.x, SL5.x i386/x86_64

Summary

Security Fixes

Krasue RAT Malware Hides on Linux Servers Using Embedded Rootkits

Kali Linux 2023.4 Released With New Hacking Tools

Nitrux 3.2.0 Linux Distro Released with Enhanced Security and New Features

Severe Firefox, Thunderbird Bugs Could Lead to System Takeover

News

Advisories

HOWTOs

Features

Password Guessing as an Attack Vector

Using Open Source to Ensure Compliance & Data Integrity through Data Governance

Critical Linux Kernel Bugs Lead to DoS, Privilege Escalation - Patch Now!

Unlocking the Future of Authentication: Passkeys vs. Passwords

Empowering MSPs with Straightforward Linux Device Management

About Us

Powered By