Vulnerability Details : CVE-2009-2911
Potential exploit
SystemTap 1.0, when the --unprivileged option is used, does not properly restrict certain data sizes, which allows local users to (1) cause a denial of service or gain privileges via a print operation with a large number of arguments that trigger a kernel stack overflow, (2) cause a denial of service via crafted DWARF expressions that trigger a kernel stack frame overflow, or (3) cause a denial of service (infinite loop) via vectors that trigger creation of large unwind tables, related to Common Information Entry (CIE) and Call Frame Instruction (CFI) records.
Vulnerability category: Denial of service
Products affected by CVE-2009-2911
- cpe:2.3:a:systemtap:systemtap:1.0:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2009-2911
0.04%: probability of exploitation activity in the next 30 days
~6%: percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2009-2911
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
1.9 | LOW | AV:L/AC:M/Au:N/C:N/I:N/A:P | 3.4 | 2.9 | NIST | |
CWE ids for CVE-2009-2911
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2009-2911
- http://gcc.gnu.org/bugzilla/show_bug.cgi?id=41633
  41633 – -Wframe-larger-than should warn about outgoing function calls, specifically varargs
- http://www.vupen.com/english/advisories/2009/2989
  Site under construction [Vendor Advisory]
- http://www.securityfocus.com/bid/36778
- https://bugzilla.redhat.com/show_bug.cgi?id=529175
  529175 – (CVE-2009-2911) CVE-2009-2911 SystemTap 1.0: Multiple denial of service flaws once --unprivileged mode is activated
- https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00627.html
  [SECURITY] Fedora 11 Update: systemtap-1.0-2.fc11
- https://www.redhat.com/archives/fedora-package-announce/2009-October/msg00793.html
  [SECURITY] Fedora 10 Update: systemtap-1.0-2.fc10
- http://www.openwall.com/lists/oss-security/2009/10/21/1
  oss-security - CVE assignment notification -- CVE-2009-2911 - Three SystemTap-1.0 DoS issues [Patch]
- http://sources.redhat.com/bugzilla/show_bug.cgi?id=10750
  [Exploit]