Scientific Linux: 2011-07-25 Moderate: SystemTap Privilege Escalation Risk

Date: Tue, 30 Aug 2011 11:46:31 -0500
Reply-To: Troy Dawson 
Sender: Security Errata for Scientific Linux
 
From: Troy Dawson 
Subject: Security ERRATA Moderate: systemtap on SL5.x i386/x86_64
Comments: To: "This email address is being protected from spambots. You need JavaScript enabled to view it."
 
MIME-Version: 1.0

Synopsis:	Moderate: systemtap security update
Issue date:	2011-07-25
CVE Names:	CVE-2011-2503

SystemTap is an instrumentation system for systems running the Linux
kernel. The system allows developers to write scripts to collect data on
the operation of the system.

A race condition flaw was found in the way the staprun utility performed
module loading. A local user who is a member of the stapusr group could
use this flaw to modify a signed module while it is being loaded,
allowing them to escalate their privileges. (CVE-2011-2503)

SystemTap users should upgrade to these updated packages, which contain
a backported patch to correct this issue

SL 5.x

 SRPMS:
systemtap-1.3-9.el5.src.rpm
 i386:
systemtap-1.3-9.el5.i386.rpm
systemtap-client-1.3-9.el5.i386.rpm
systemtap-initscript-1.3-9.el5.i386.rpm
systemtap-runtime-1.3-9.el5.i386.rpm
systemtap-sdt-devel-1.3-9.el5.i386.rpm
systemtap-server-1.3-9.el5.i386.rpm
systemtap-testsuite-1.3-9.el5.i386.rpm
 x86_64:
systemtap-1.3-9.el5.x86_64.rpm
systemtap-client-1.3-9.el5.x86_64.rpm
systemtap-initscript-1.3-9.el5.x86_64.rpm
systemtap-runtime-1.3-9.el5.x86_64.rpm
systemtap-sdt-devel-1.3-9.el5.i386.rpm
systemtap-sdt-devel-1.3-9.el5.x86_64.rpm
systemtap-server-1.3-9.el5.x86_64.rpm
systemtap-testsuite-1.3-9.el5.x86_64.rpm

- Scientific Linux Development Team
lastline