Mandriva Update For Systemtap MDVSA-2011:154 (systemtap) Network Vulnerability

Solution

Please Install the Updated Packages.

Insight

A vulnerability has been discovered and corrected in systemtap: SystemTap 1.4 and earlier, when unprivileged (aka stapusr) mode is enabled, allows local users to cause a denial of service (divide-by-zero error and OOPS) via a crafted ELF program with DWARF expressions that are not properly handled by a stap script that performs context variable access (CVE-2011-1769). The updated packages have been patched to correct this issue.

Affected

systemtap on Mandriva Linux 2010.1, Mandriva Linux 2010.1/X86_64

Severity

Classification

CVE CVE-2011-1769

CVSS	Base Score: 1.2 AV:L/AC:H/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Mandriva Update for timezone MDVA-2011:072 (timezone)
Mandriva Update for spamassassin MDKSA-2007:125 (spamassassin)
Mandriva Security Advisory MDVSA-2009:224-1 (postfix)
Mandriva Update for urpmi MDVA-2008:175 (urpmi)
Mandriva Update for ncpfs MDVSA-2010:061 (ncpfs)

Mandriva Update for systemtap MDVSA-2011:154 (systemtap)

Take action and discover your vulnerabilities