The staprun runtime tool in SystemTap 1.3 does not verify that a module to unload was previously loaded by SystemTap, which allows local users to cause a denial of service (unloading of arbitrary kernel modules).
Max CVSS
2.1
EPSS Score
0.04%
Published
2010-12-07
Updated
2023-02-13
Multiple integer signedness errors in the (1) __get_argv and (2) __get_compat_argv functions in tapset/aux_syscalls.stp in SystemTap 1.1 allow local users to cause a denial of service (script crash, or system crash or hang) via a process with a large number of arguments, leading to a buffer overflow.
Max CVSS
4.9
EPSS Score
0.06%
Published
2010-02-08
Updated
2023-02-13
2 vulnerabilities found