Scientific Linux alert SL-syst-20110725 (systemtap) [LWN.net]


From:
    	       Troy Dawson <dawson@fnal.gov> 
To:
    	       "scientific-linux-errata@fnal.gov" <scientific-linux-errata@fnal.gov> 
Subject:
    	       Security ERRATA Moderate: systemtap on SL5.x i386/x86_64 
Date:
    	       Tue, 30 Aug 2011 11:46:31 -0500
Message-ID:
    	       <4E5D13E7.1000004@fnal.gov>
Archive-link:
    	       Article, Thread
              
Synopsis:	Moderate: systemtap security update
Issue date:	2011-07-25
CVE Names:	CVE-2011-2503

SystemTap is an instrumentation system for systems running the Linux
kernel. The system allows developers to write scripts to collect data on
the operation of the system.

A race condition flaw was found in the way the staprun utility performed
module loading. A local user who is a member of the stapusr group could 
use this flaw to modify a signed module while it is being loaded, 
allowing them to escalate their privileges. (CVE-2011-2503)

SystemTap users should upgrade to these updated packages, which contain 
a backported patch to correct this issue

SL 5.x

      SRPMS:
systemtap-1.3-9.el5.src.rpm
      i386:
systemtap-1.3-9.el5.i386.rpm
systemtap-client-1.3-9.el5.i386.rpm
systemtap-initscript-1.3-9.el5.i386.rpm
systemtap-runtime-1.3-9.el5.i386.rpm
systemtap-sdt-devel-1.3-9.el5.i386.rpm
systemtap-server-1.3-9.el5.i386.rpm
systemtap-testsuite-1.3-9.el5.i386.rpm
      x86_64:
systemtap-1.3-9.el5.x86_64.rpm
systemtap-client-1.3-9.el5.x86_64.rpm
systemtap-initscript-1.3-9.el5.x86_64.rpm
systemtap-runtime-1.3-9.el5.x86_64.rpm
systemtap-sdt-devel-1.3-9.el5.i386.rpm
systemtap-sdt-devel-1.3-9.el5.x86_64.rpm
systemtap-server-1.3-9.el5.x86_64.rpm
systemtap-testsuite-1.3-9.el5.x86_64.rpm

- Scientific Linux Development Team
(Log in to post comments)