CVE-2012-0875

SystemTap 1.7, 1.6.7, and probably other versions, when unprivileged mode is enabled, allows local users to obtain sensitive information from kernel memory or cause a denial of service (kernel panic and crash) via vectors related to crafted DWARF data, which triggers a read of an invalid pointer.

Published: Feb 5, 2014
Updated: Apr 13, 2023
CVE: CVE-2012-0875
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5.4
AV:L/AC:M/Au:N/C:P/I:N/A:C

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
systemtap / systemtap	1.7	1.7.x
systemtap / systemtap	1.6.7	1.6.7.x

http://lists.opensuse.org/opensuse-updates/2013-03/msg00057.html
http://permalink.gmane.org/gmane.comp.security.oss.general/6987
http://rhn.redhat.com/errata/RHSA-2012-0376.html
http://securitytracker.com/id?1026777
http://sourceware.org/bugzilla/show_bug.cgi?id=13714
http://sourceware.org/git/?p=systemtap.git%3Ba=commit%3Bh=64b0cff3b

Vulnerability Database

290,020

CVE-2012-0875