fkie_cve-2011-2503
Vulnerability from fkie_nvd
Published
2012-07-26 19:55
Modified
2025-04-11 00:51
Severity ?
Summary
The insert_module function in runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate a module when loading it, which allows local users to gain privileges via a race condition between the signature validation and the module initialization.
References
secalert@redhat.comhttp://secunia.com/advisories/45377Vendor Advisory
secalert@redhat.comhttp://secunia.com/advisories/46920Vendor Advisory
secalert@redhat.comhttp://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=blob%3Bf=NEWS%3Bhb=304d73b1fea24af791f2a129fb141c5009eae6a8
secalert@redhat.comhttp://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=commitdiff%3Bh=ed51cfa24ca27746ab09b59280b94117dd58cba3
secalert@redhat.comhttp://www.debian.org/security/2011/dsa-2348
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2503
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/45377Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/46920Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=blob%3Bf=NEWS%3Bhb=304d73b1fea24af791f2a129fb141c5009eae6a8
af854a3a-2127-422b-91ae-364da2661108http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=commitdiff%3Bh=ed51cfa24ca27746ab09b59280b94117dd58cba3
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2011/dsa-2348
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2503
Impacted products
Vendor Product Version
systemtap systemtap *
systemtap systemtap 0.2.2
systemtap systemtap 0.3
systemtap systemtap 0.4
systemtap systemtap 0.5
systemtap systemtap 0.5.3
systemtap systemtap 0.5.4
systemtap systemtap 0.5.5
systemtap systemtap 0.5.7
systemtap systemtap 0.5.8
systemtap systemtap 0.5.9
systemtap systemtap 0.5.10
systemtap systemtap 0.5.12
systemtap systemtap 0.5.13
systemtap systemtap 0.5.14
systemtap systemtap 0.6
systemtap systemtap 0.6.2
systemtap systemtap 0.7
systemtap systemtap 0.7.2
systemtap systemtap 0.8
systemtap systemtap 0.9
systemtap systemtap 0.9.5
systemtap systemtap 0.9.7
systemtap systemtap 0.9.8
systemtap systemtap 0.9.9
systemtap systemtap 1.0
systemtap systemtap 1.1
systemtap systemtap 1.2
systemtap systemtap 1.3
systemtap systemtap 1.4


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:systemtap:systemtap:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "44665B6E-F588-42BD-9901-268D4DD93BAF",
              "versionEndIncluding": "1.5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:systemtap:systemtap:0.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "04AE85B6-FE8D-4DD1-BECE-6B7146CF9D73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:systemtap:systemtap:0.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "E150AE05-60B4-4ECE-AEFA-3A230DAEBCA5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:systemtap:systemtap:0.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "36FBF185-3189-40C2-B51B-2531F2D88602",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:systemtap:systemtap:0.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "C62AFF32-856E-4EF9-A87F-C06B6FEEE31F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:systemtap:systemtap:0.5.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "57C746CB-8DFE-4795-931F-42050D7FBEB4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:systemtap:systemtap:0.5.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "986B653D-5CF2-454C-A38F-172D2256E20C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:systemtap:systemtap:0.5.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF5E8C63-D68F-4ACA-B0DC-1D9EF6A3BFA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:systemtap:systemtap:0.5.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD56E555-180D-45C3-9311-EFB32F480035",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:systemtap:systemtap:0.5.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "74215553-AB86-4184-B3AB-D82B20275ED6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:systemtap:systemtap:0.5.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "5044754F-66CD-4D17-8874-7303D9F2DCE2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:systemtap:systemtap:0.5.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC674046-FC4F-4262-8F71-4DEECAEC1A1C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:systemtap:systemtap:0.5.12:*:*:*:*:*:*:*",
              "matchCriteriaId": "7A621722-6DD4-461D-AD74-461B9C10C772",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:systemtap:systemtap:0.5.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "9B5B77E9-F98C-4310-8D6A-E41A27CD559A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:systemtap:systemtap:0.5.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "B6E9824F-8977-4CE6-BA05-E8899E41066E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:systemtap:systemtap:0.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "FF58A998-52F0-4BCA-9FF7-FCCC28E6FCE1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:systemtap:systemtap:0.6.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "C2327CA9-5A80-4C86-BAF6-A9E3BB7085C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:systemtap:systemtap:0.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "6627D143-6E8D-40DE-BBD0-308FF1B200D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:systemtap:systemtap:0.7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1AE49CA-424E-4328-A348-98F2C847D8FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:systemtap:systemtap:0.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "19E88BF9-1403-40F9-A64E-A1FEFEFC4E2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:systemtap:systemtap:0.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "3E12D5C4-4BC6-4802-B5CE-5D5A41FB3B71",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:systemtap:systemtap:0.9.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "6FD4201A-64B5-4DCC-9696-BD0F8780D200",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:systemtap:systemtap:0.9.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "C3FEDD7F-969D-422C-A899-9550EC52EBD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:systemtap:systemtap:0.9.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "F37EBCB6-8056-466C-B2AB-385DF48EEA8F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:systemtap:systemtap:0.9.9:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D795EA7-04FC-4D0E-9944-6C9D4882A897",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:systemtap:systemtap:1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7C36C437-D28D-452A-BAF0-4A618A61920B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:systemtap:systemtap:1.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "5AB898A5-C8EF-4BBA-B480-00461218FC3B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:systemtap:systemtap:1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "D06D7E42-666F-43CE-8BE3-0EE915450CC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:systemtap:systemtap:1.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "3D031679-0C77-4645-B488-DA29BB81FA39",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:systemtap:systemtap:1.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CE5CA99B-6DED-4395-BFE0-C8DB7F504AF0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The insert_module function in runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate a module when loading it, which allows local users to gain privileges via a race condition between the signature validation and the module initialization."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n insert_module en tiempo de ejecuci\u00f3n/staprun/staprun_funcs.c en la herramienta de tiempo de ejecuci\u00f3n systemtap (staprun) en SystemTap antes de v1.6 no valida correctamente un m\u00f3dulo cuando se carga, lo que permite a usuarios locales conseguir privilegios a trav\u00e9s de una condici\u00f3n de carrera entre la validaci\u00f3n de la firma y el m\u00f3dulo de inicializaci\u00f3n.\r\n"
    }
  ],
  "id": "CVE-2011-2503",
  "lastModified": "2025-04-11T00:51:21.963",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "HIGH",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 3.7,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:L/AC:H/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 1.9,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2012-07-26T19:55:00.793",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45377"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/46920"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=blob%3Bf=NEWS%3Bhb=304d73b1fea24af791f2a129fb141c5009eae6a8"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=commitdiff%3Bh=ed51cfa24ca27746ab09b59280b94117dd58cba3"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.debian.org/security/2011/dsa-2348"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2503"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/45377"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/46920"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=blob%3Bf=NEWS%3Bhb=304d73b1fea24af791f2a129fb141c5009eae6a8"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=commitdiff%3Bh=ed51cfa24ca27746ab09b59280b94117dd58cba3"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2011/dsa-2348"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2011-2503"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.