CVE-2010-4171

EPSS 0.06%
Published 07.12.2010 22:00:02
Last modified 11.04.2025 00:51:21
Source secalert@redhat.com
Teams watchlist Login
Open Login

The staprun runtime tool in SystemTap 1.3 does not verify that a module to unload was previously loaded by SystemTap, which allows local users to cause a denial of service (unloading of arbitrary kernel modules).

Affected products Warnungen 0 Metrics 2 CWE 1 References 18

Data is provided by the National Vulnerability Database (NVD)

Systemtap ≫ Systemtap Version1.3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.06%	0.165

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	2.1	3.9	2.9	AV:L/AC:L/Au:N/C:N/I:N/A:P

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051115.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051122.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051127.html

http://secunia.com/advisories/42256

Vendor Advisory

http://secunia.com/advisories/42263

Vendor Advisory

http://secunia.com/advisories/42318

Vendor Advisory

http://secunia.com/advisories/46920

http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=commit%3Bh=b7565b41228bea196cefa3a7d43ab67f8f9152e2

http://sources.redhat.com/ml/systemtap/2010-q4/msg00230.html