| Summary: | systemtap missing security update for CVE-2011-1769 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | |
| Severity: | normal | ||
| Priority: | Normal | CC: | dmorganec, sysadmin-bugs, tmb |
| Version: | 1 | Keywords: | Triaged, validated_update |
| Target Milestone: | --- | ||
| Hardware: | i586 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Source RPM: | systemtap-1.3-1.mga1.src.rpm | CVE: | |
| Status comment: | |||
|
Description
David Walser
2011-12-30 06:10:20 CET
Hi, thanks for reporting this bug. Assigned to the package maintainer. (Please set the status to 'assigned' if you are working on it) Keywords:
(none) =>
Triaged dmorgan tells me this is built in updates_testing CC:
(none) =>
dmorganec yes sorry this is now in updates_testing: src.rpm: systemtap Test successful on i586. I followed the upstream documentation here for a testcase: http://sourceware.org/systemtap/SystemTap_Beginners_Guide/using-systemtap.html I had to make sure the following packages were installed: kernel-desktop-devel-2.6.38.8-8.mga-1-1.mga1 kernel-desktop-2.6.38.8-8.mga-debug-1-1.mga1 kernel-desktop-2.6.38.8-8.mga-1-1.mga1 Note the debug one has to be installed, which is available from different media. Then I ran this command to test: stap -v -e 'probe vfs.read {printf("read performed\n"); exit()}' The important thing is that Pass 5 doesn't fail. Output should be similar to the following: Pass 1: parsed user script and 72 library script(s) using 16888virt/12532res/1700shr kb, in 200usr/30sys/217real ms. Pass 2: analyzed script: 1 probe(s), 22 function(s), 3 embed(s), 1 global(s) using 154496virt/61428res/4736shr kb, in 1510usr/340sys/2030real ms. Pass 3: using cached /root/.systemtap/cache/78/stap_782645de20a3fdfb6e52a1bd66613ed5_10699.c Pass 4: using cached /root/.systemtap/cache/78/stap_782645de20a3fdfb6e52a1bd66613ed5_10699.ko Pass 5: starting run. read performed Pass 5: run completed in 30usr/170sys/485real ms. kernel-desktop-2.6.38.8-9.mga-debug-1-1.mga1
kernel-desktop-devel-2.6.38.8-9.mga-1-1.mga1
kernel-desktop-devel-latest-2.6.38.8-9.mga1
kernel-desktop-2.6.38.8-9.mga-1-1.mga1
[root@vosdook ~]# stap -v -e 'probe vfs.read {printf("read performed\n"); exit()}'
Pass 1: parsed user script and 75 library script(s) using 60024virt/24580res/1828shr kb, in 140usr/10sys/205real ms.
Pass 2: analyzed script: 1 probe(s), 22 function(s), 3 embed(s), 1 global(s) using 254584virt/109652res/6848shr kb, in 1150usr/190sys/2908real ms.
Pass 3: translated to C into "/tmp/stap3tYqre/stap_d794be214d2686aa27f0fcae29f7e935_10769.c" using 244968virt/106360res/6380shr kb, in 350usr/10sys/373real ms.
Pass 4: compiled C into "stap_d794be214d2686aa27f0fcae29f7e935_10769.ko" in 4830usr/840sys/9432real ms.
Pass 5: starting run.
read performed
Pass 5: run completed in 20usr/50sys/342real ms.
Testing complete on x86_64 thanks for the test procedure.
(250*5 only for one kernel, the core/updates_debug will again increase :) )
Suggested Advisory:
-------------
This update addresses the folloving CVE:
- CVE-2011-1769
SystemTap 1.4 and earlier, when unprivileged (aka stapusr) mode is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) via a crafted ELF program with DWARF expressions that are not properly handled by a stap script that performs context variable access.
-------------
SRPM: systemtap
Could sysadmin please push from core/updates_testing to core/updates
Thankyou!Keywords:
(none) =>
validated_update Update pushed. Status:
NEW =>
RESOLVED |