Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.4
CVSSv2

CVE-2012-0875

Published: 04/02/2014 Updated: 13/02/2023
CVSS v2 Base Score: 5.4 | Impact Score: 7.8 | Exploitability Score: 3.4
VMScore: 481
Vector: AV:L/AC:M/Au:N/C:P/I:N/A:C
Subscribe to Systemtap

Vulnerability Summary

SystemTap 1.7, 1.6.7, and probably other versions, when unprivileged mode is enabled, allows local users to obtain sensitive information from kernel memory or cause a denial of service (kernel panic and crash) via vectors related to crafted DWARF data, which triggers a read of an invalid pointer.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

systemtap systemtap 1.7

systemtap systemtap 1.6.7

Vendor Advisories

Red Hat: Moderate: systemtap security update
Synopsis Moderate: systemtap security update Type/Severity Security Advisory: Moderate Topic Updated systemtap packages that fix one security issue are now availablefor Red Hat Enterprise Linux 5 and 6The Red Hat Security Response Team has rated this update as having moderatesecurity impact A Common Vulne ...
Debian CVElist Bug Report Logs: CVE-2012-0875: systemtap memory disclosure/kernel panic when processing malformed DWARF unwind data
Debian Bug report logs - #660886 CVE-2012-0875: systemtap memory disclosure/kernel panic when processing malformed DWARF unwind data Package: src:systemtap; Maintainer for src:systemtap is Ritesh Raj Sarraf <rrs@debianorg>; Reported by: Timo Juhani Lindfors <timolindfors@ikifi> Date: Wed, 22 Feb 2012 17:15:05 UTC ...
Amazon Linux AMI: ALAS-2012-054
An invalid pointer read flaw was found in the way SystemTap handled malformed debugging information in DWARF format When SystemTap unprivileged mode was enabled, an unprivileged user in the stapusr group could use this flaw to crash the system or, potentially, read arbitrary kernel memory Additionally, a privileged user (root, or a member of the ...

References

CWE-264http://lists.opensuse.org/opensuse-updates/2013-03/msg00057.htmlhttp://permalink.gmane.org/gmane.comp.security.oss.general/6987http://sourceware.org/bugzilla/show_bug.cgi?id=13714http://securitytracker.com/id?1026777http://rhn.redhat.com/errata/RHSA-2012-0376.htmlhttp://sourceware.org/git/?p=systemtap.git%3Ba=commit%3Bh=64b0cff3bhttps://access.redhat.com/errata/RHSA-2012:0376https://nvd.nist.govhttps://alas.aws.amazon.com/ALAS-2012-54.html
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322administrator privilegesCVE-2024-1579hardcodedCVE-2023-20198CVE-2024-33587CVE-2024-33449CVE-2024-4308HTML injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook