CVE-2010-4171

EPSS 0.06%
Veröffentlicht 07.12.2010 22:00:02
Zuletzt bearbeitet 11.04.2025 00:51:21
Quelle secalert@redhat.com
Teams Watchlist Login
Unerledigt Login

The staprun runtime tool in SystemTap 1.3 does not verify that a module to unload was previously loaded by SystemTap, which allows local users to cause a denial of service (unloading of arbitrary kernel modules).

Betroffene Produkte Warnungen 0 Metriken 2 CWE 1 Referenzen 18

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Systemtap ≫ Systemtap Version1.3

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.06%	0.165

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	2.1	3.9	2.9	AV:L/AC:L/Au:N/C:N/I:N/A:P

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051115.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051122.html

http://lists.fedoraproject.org/pipermail/package-announce/2010-November/051127.html

http://secunia.com/advisories/42256

Vendor Advisory

http://secunia.com/advisories/42263

Vendor Advisory

http://secunia.com/advisories/42318

Vendor Advisory

http://secunia.com/advisories/46920

http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=commit%3Bh=b7565b41228bea196cefa3a7d43ab67f8f9152e2

http://sources.redhat.com/ml/systemtap/2010-q4/msg00230.html