Vulnerability Details : CVE-2010-0411
Multiple integer signedness errors in the (1) __get_argv and (2) __get_compat_argv functions in tapset/aux_syscalls.stp in SystemTap 1.1 allow local users to cause a denial of service (script crash, or system crash or hang) via a process with a large number of arguments, leading to a buffer overflow.
Vulnerability category: Overflow, Denial of service
Exploit prediction scoring system (EPSS) score for CVE-2010-0411
Probability of exploitation activity in the next 30 days: 0.06%
Percentile, the proportion of vulnerabilities that are scored at or less: ~25%
CVSS scores for CVE-2010-0411
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
4.9 | MEDIUM | AV:L/AC:L/Au:N/C:N/I:N/A:C | 3.9 | 6.9 | NIST |
CWE ids for CVE-2010-0411
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2010-0411
- http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035261.html
  [SECURITY] Fedora 12 Update: systemtap-1.1-2.fc12
- http://lists.opensuse.org/opensuse-security-announce/2010-04/msg00006.html
  [security-announce] SUSE Security Summary Report: SUSE-SR:2010:010
- http://www.vupen.com/english/advisories/2010/1001
- http://securitytracker.com/id?1023664
  SystemTap Buffer Overflow in __get_argv() May Let Local Users Gain Elevated Privileges - SecurityTracker
- http://sourceware.org/bugzilla/show_bug.cgi?id=11234
  11234 – __get_argv can overflow its return buffer
- http://www.securityfocus.com/bid/38120
  SystemTap '__get_argv()' and '__get_compat_argv()' Local Memory Corruption Vulnerabilities [Exploit]
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9675
  Repository / Oval Repository
- http://www.redhat.com/support/errata/RHSA-2010-0124.html
  Support
- http://sourceware.org/git/gitweb.cgi?p=systemtap.git%3Ba=commit%3Bh=a2d399c87a642190f08ede63dc6fc434a5a8363a
  sourceware.org Git
- http://www.redhat.com/support/errata/RHSA-2010-0125.html
  Support
- https://bugzilla.redhat.com/show_bug.cgi?id=559719
  559719 – (CVE-2010-0411) CVE-2010-0411 systemtap: Crash with systemtap script using __get_argv()
- http://marc.info/?l=oss-security&m=126530657715364&w=2
  '[oss-security] systemtap DoS issue (CVE-2010-0411)' - MARC
- http://lists.fedoraproject.org/pipermail/package-announce/2010-February/035201.html
  [SECURITY] Fedora 11 Update: systemtap-1.1-2.fc11
Products affected by CVE-2010-0411
- cpe:2.3:a:systemtap:systemtap:1.1:*:*:*:*:*:*:*