Vulnerabilities

CVE-2010-4170

by Fred · 07/12/2010

The staprun runtime tool in SystemTap 1.3 does not properly clear the environment before executing modprobe, which allows local users to gain privileges by setting the MODPROBE_OPTIONS environment variable to specify a malicious configuration file.

Date published : 2010-12-07

http://www.securityfocus.com/bid/44914

http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git;a=commit;h=b7565b41228bea196cefa3a7d43ab67f8f9152e2

Similar

Tags: Cybersecurity Alert