Security Advisory

CVE-2011-2502

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2012-07-26 19:00:00
Last updated 2024-09-16 20:42:11
Assigner redhat
State PUBLISHED

Description

runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate modules when a module path is specified by a user for user-space probing, which allows local users in the stapusr group to gain privileges via a crafted module in the search path in the -u argument.