Skip to navigation

Security Advisory Important: systemtap security update

Advisory: RHSA-2010:0124-1
Type: Security Advisory
Severity: Important
Issued on: 2010-03-01
Last updated on: 2010-03-01
Affected Products: Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
Red Hat Enterprise Linux EUS (v. 5.4.z server)
CVEs (cve.mitre.org): CVE-2009-4273
CVE-2010-0411

Details

Updated systemtap packages that fix two security issues are now available
for Red Hat Enterprise Linux 5.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

SystemTap is an instrumentation system for systems running the Linux
kernel, version 2.6. Developers can write scripts to collect data on the
operation of the system.

A flaw was found in the SystemTap compile server, stap-server, an optional
component of SystemTap. This server did not adequately sanitize input
provided by the stap-client program, which may allow a remote user to
execute arbitrary shell code with the privileges of the compile server
process, which could possibly be running as the root user. (CVE-2009-4273)

Note: stap-server is not run by default. It must be started by a user or
administrator.

A buffer overflow flaw was found in SystemTap's tapset __get_argv()
function. If a privileged user ran a SystemTap script that called this
function, a local, unprivileged user could, while that script is still
running, trigger this flaw and cause memory corruption by running a command
with a large argument list, which may lead to a system crash or,
potentially, arbitrary code execution with root privileges. (CVE-2010-0411)

Note: SystemTap scripts that call __get_argv(), being a privileged
function, can only be executed by the root user or users in the stapdev
group. As well, if such a script was compiled and installed by root, users
in the stapusr group would also be able to execute it.

SystemTap users should upgrade to these updated packages, which contain
backported patches to correct these issues.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Updated packages

Red Hat Enterprise Linux (v. 5 server)

SRPMS:
systemtap-0.9.7-5.el5_4.3.src.rpm
File outdated by:  RHBA-2013:0058
    MD5: 1a70491489279f96bb79b1ad2830e141
 
IA-32:
systemtap-0.9.7-5.el5_4.3.i386.rpm
File outdated by:  RHBA-2013:0058
    MD5: a36e933a659c9d7cdf1a5ba606c56737
systemtap-client-0.9.7-5.el5_4.3.i386.rpm
File outdated by:  RHBA-2013:0058
    MD5: 0f8bcb040b98a8798e9fbf2de08fd242
systemtap-initscript-0.9.7-5.el5_4.3.i386.rpm
File outdated by:  RHBA-2013:0058
    MD5: 991d711b2cbcace29184678e694be137
systemtap-runtime-0.9.7-5.el5_4.3.i386.rpm
File outdated by:  RHBA-2013:0058
    MD5: 1cb8e2561222d3fecb60abc4b03c5f46
systemtap-sdt-devel-0.9.7-5.el5_4.3.i386.rpm
File outdated by:  RHBA-2013:0058
    MD5: 06946b45de9cb2747ca236e43248b18c
systemtap-server-0.9.7-5.el5_4.3.i386.rpm
File outdated by:  RHBA-2013:0058
    MD5: c03dd8b199bdfcb5c4e1000e9fcbc007
systemtap-testsuite-0.9.7-5.el5_4.3.i386.rpm
File outdated by:  RHBA-2013:0058
    MD5: 0ba7a7f1ba8a20f232c648f04232d9f6
 
IA-64:
systemtap-0.9.7-5.el5_4.3.ia64.rpm
File outdated by:  RHBA-2013:0058
    MD5: cfbe54d2eff990a9794418e49d54cde7
systemtap-client-0.9.7-5.el5_4.3.ia64.rpm
File outdated by:  RHBA-2013:0058
    MD5: e4d9d88197d9badcb0b63ab3b298caa2
systemtap-initscript-0.9.7-5.el5_4.3.ia64.rpm
File outdated by:  RHBA-2013:0058
    MD5: b2077876eae12ae2a9087cd90b937d8d
systemtap-runtime-0.9.7-5.el5_4.3.ia64.rpm
File outdated by:  RHBA-2013:0058
    MD5: 0dd388227be76269be5d6e7a579a28b3
systemtap-sdt-devel-0.9.7-5.el5_4.3.ia64.rpm
File outdated by:  RHBA-2013:0058
    MD5: f8d49ecde22af38144f255f8f2140ced
systemtap-server-0.9.7-5.el5_4.3.ia64.rpm
File outdated by:  RHBA-2013:0058
    MD5: aeadc3cbddec036f9665608ca1e3e6ef
systemtap-testsuite-0.9.7-5.el5_4.3.ia64.rpm
File outdated by:  RHBA-2013:0058
    MD5: 23a72b9801474d1c4a44092c716d9804
 
PPC:
systemtap-0.9.7-5.el5_4.3.ppc64.rpm
File outdated by:  RHBA-2013:0058
    MD5: 20d14900920e37876ae70d9512618573
systemtap-client-0.9.7-5.el5_4.3.ppc64.rpm
File outdated by:  RHBA-2013:0058
    MD5: a3363c209658043f23ac8f77078ff869
systemtap-initscript-0.9.7-5.el5_4.3.ppc64.rpm
File outdated by:  RHBA-2013:0058
    MD5: 69ebb18ed52aed668ea934335387143d
systemtap-runtime-0.9.7-5.el5_4.3.ppc64.rpm
File outdated by:  RHBA-2013:0058
    MD5: 3d7b5de8e4b55972a919437615cd64da
systemtap-sdt-devel-0.9.7-5.el5_4.3.ppc64.rpm
File outdated by:  RHBA-2013:0058
    MD5: cc5b0ec75ee16182e6524e0664baef91
systemtap-server-0.9.7-5.el5_4.3.ppc64.rpm
File outdated by:  RHBA-2013:0058
    MD5: ac6e630fe0c4a4c7af48f20c446b8683
systemtap-testsuite-0.9.7-5.el5_4.3.ppc64.rpm
File outdated by:  RHBA-2013:0058
    MD5: a8463120915225ea1631f9c18ff6ac8a
 
s390x:
systemtap-0.9.7-5.el5_4.3.s390x.rpm
File outdated by:  RHBA-2013:0058
    MD5: a502fa63a5432ee811a6f896bf19c468
systemtap-client-0.9.7-5.el5_4.3.s390x.rpm
File outdated by:  RHBA-2013:0058
    MD5: 9c09f900f6a34e01e243d4ea269b8e47
systemtap-initscript-0.9.7-5.el5_4.3.s390x.rpm
File outdated by:  RHBA-2013:0058
    MD5: 0b3b5b3b32e2cf05d3cd98cb16105683
systemtap-runtime-0.9.7-5.el5_4.3.s390x.rpm
File outdated by:  RHBA-2013:0058
    MD5: e83fc219dc83dcb24a09c1418e7c5242
systemtap-sdt-devel-0.9.7-5.el5_4.3.s390.rpm
File outdated by:  RHBA-2013:0058
    MD5: b4f36cc6cfbc2d75b198248a50af825e
systemtap-sdt-devel-0.9.7-5.el5_4.3.s390x.rpm
File outdated by:  RHBA-2013:0058
    MD5: decd1a703b223b7f138c3b58a77458a6
systemtap-server-0.9.7-5.el5_4.3.s390x.rpm
File outdated by:  RHBA-2013:0058
    MD5: 44061b50afbcbbce8ce5b109fae4a658
systemtap-testsuite-0.9.7-5.el5_4.3.s390x.rpm
File outdated by:  RHBA-2013:0058
    MD5: 8452471ba8a88d2902c0ec3f087a3a23
 
x86_64:
systemtap-0.9.7-5.el5_4.3.x86_64.rpm
File outdated by:  RHBA-2013:0058
    MD5: f972faae78d17b60235f8fe8b99e48b1
systemtap-client-0.9.7-5.el5_4.3.x86_64.rpm
File outdated by:  RHBA-2013:0058
    MD5: 8f776aa59fac45421477a6112f02781f
systemtap-initscript-0.9.7-5.el5_4.3.x86_64.rpm
File outdated by:  RHBA-2013:0058
    MD5: efecfc1ae77ea70138ec2bc7582538b1
systemtap-runtime-0.9.7-5.el5_4.3.x86_64.rpm
File outdated by:  RHBA-2013:0058
    MD5: e7bf07fe4ed32f1fca93cee0227d7583
systemtap-sdt-devel-0.9.7-5.el5_4.3.i386.rpm
File outdated by:  RHBA-2013:0058
    MD5: 06946b45de9cb2747ca236e43248b18c
systemtap-sdt-devel-0.9.7-5.el5_4.3.x86_64.rpm
File outdated by:  RHBA-2013:0058
    MD5: f06dc9454b618d4bd964605761060eb8
systemtap-server-0.9.7-5.el5_4.3.x86_64.rpm
File outdated by:  RHBA-2013:0058
    MD5: 03a62cacb29edfd5934c742b3865f936
systemtap-testsuite-0.9.7-5.el5_4.3.x86_64.rpm
File outdated by:  RHBA-2013:0058
    MD5: 3772407bb7f597d8a5a0860a25998fcd
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
systemtap-0.9.7-5.el5_4.3.src.rpm
File outdated by:  RHBA-2013:0058
    MD5: 1a70491489279f96bb79b1ad2830e141
 
IA-32:
systemtap-0.9.7-5.el5_4.3.i386.rpm
File outdated by:  RHBA-2013:0058
    MD5: a36e933a659c9d7cdf1a5ba606c56737
systemtap-client-0.9.7-5.el5_4.3.i386.rpm
File outdated by:  RHBA-2013:0058
    MD5: 0f8bcb040b98a8798e9fbf2de08fd242
systemtap-initscript-0.9.7-5.el5_4.3.i386.rpm
File outdated by:  RHBA-2013:0058
    MD5: 991d711b2cbcace29184678e694be137
systemtap-runtime-0.9.7-5.el5_4.3.i386.rpm
File outdated by:  RHBA-2013:0058
    MD5: 1cb8e2561222d3fecb60abc4b03c5f46
systemtap-sdt-devel-0.9.7-5.el5_4.3.i386.rpm
File outdated by:  RHBA-2013:0058
    MD5: 06946b45de9cb2747ca236e43248b18c
systemtap-server-0.9.7-5.el5_4.3.i386.rpm
File outdated by:  RHBA-2013:0058
    MD5: c03dd8b199bdfcb5c4e1000e9fcbc007
systemtap-testsuite-0.9.7-5.el5_4.3.i386.rpm
File outdated by:  RHSA-2012:0376
    MD5: 0ba7a7f1ba8a20f232c648f04232d9f6
 
x86_64:
systemtap-0.9.7-5.el5_4.3.x86_64.rpm
File outdated by:  RHBA-2013:0058
    MD5: f972faae78d17b60235f8fe8b99e48b1
systemtap-client-0.9.7-5.el5_4.3.x86_64.rpm
File outdated by:  RHBA-2013:0058
    MD5: 8f776aa59fac45421477a6112f02781f
systemtap-initscript-0.9.7-5.el5_4.3.x86_64.rpm
File outdated by:  RHBA-2013:0058
    MD5: efecfc1ae77ea70138ec2bc7582538b1
systemtap-runtime-0.9.7-5.el5_4.3.x86_64.rpm
File outdated by:  RHBA-2013:0058
    MD5: e7bf07fe4ed32f1fca93cee0227d7583
systemtap-sdt-devel-0.9.7-5.el5_4.3.i386.rpm
File outdated by:  RHBA-2013:0058
    MD5: 06946b45de9cb2747ca236e43248b18c
systemtap-sdt-devel-0.9.7-5.el5_4.3.x86_64.rpm
File outdated by:  RHBA-2013:0058
    MD5: f06dc9454b618d4bd964605761060eb8
systemtap-server-0.9.7-5.el5_4.3.x86_64.rpm
File outdated by:  RHBA-2013:0058
    MD5: 03a62cacb29edfd5934c742b3865f936
systemtap-testsuite-0.9.7-5.el5_4.3.x86_64.rpm
File outdated by:  RHSA-2012:0376
    MD5: 3772407bb7f597d8a5a0860a25998fcd
 
Red Hat Enterprise Linux EUS (v. 5.4.z server)

SRPMS:
systemtap-0.9.7-5.el5_4.3.src.rpm
File outdated by:  RHBA-2013:0058
    MD5: 1a70491489279f96bb79b1ad2830e141
 
IA-32:
systemtap-0.9.7-5.el5_4.3.i386.rpm     MD5: a36e933a659c9d7cdf1a5ba606c56737
systemtap-client-0.9.7-5.el5_4.3.i386.rpm     MD5: 0f8bcb040b98a8798e9fbf2de08fd242
systemtap-initscript-0.9.7-5.el5_4.3.i386.rpm     MD5: 991d711b2cbcace29184678e694be137
systemtap-runtime-0.9.7-5.el5_4.3.i386.rpm     MD5: 1cb8e2561222d3fecb60abc4b03c5f46
systemtap-sdt-devel-0.9.7-5.el5_4.3.i386.rpm     MD5: 06946b45de9cb2747ca236e43248b18c
systemtap-server-0.9.7-5.el5_4.3.i386.rpm     MD5: c03dd8b199bdfcb5c4e1000e9fcbc007
systemtap-testsuite-0.9.7-5.el5_4.3.i386.rpm     MD5: 0ba7a7f1ba8a20f232c648f04232d9f6
 
IA-64:
systemtap-0.9.7-5.el5_4.3.ia64.rpm     MD5: cfbe54d2eff990a9794418e49d54cde7
systemtap-client-0.9.7-5.el5_4.3.ia64.rpm     MD5: e4d9d88197d9badcb0b63ab3b298caa2
systemtap-initscript-0.9.7-5.el5_4.3.ia64.rpm     MD5: b2077876eae12ae2a9087cd90b937d8d
systemtap-runtime-0.9.7-5.el5_4.3.ia64.rpm     MD5: 0dd388227be76269be5d6e7a579a28b3
systemtap-sdt-devel-0.9.7-5.el5_4.3.ia64.rpm     MD5: f8d49ecde22af38144f255f8f2140ced
systemtap-server-0.9.7-5.el5_4.3.ia64.rpm     MD5: aeadc3cbddec036f9665608ca1e3e6ef
systemtap-testsuite-0.9.7-5.el5_4.3.ia64.rpm     MD5: 23a72b9801474d1c4a44092c716d9804
 
PPC:
systemtap-0.9.7-5.el5_4.3.ppc64.rpm     MD5: 20d14900920e37876ae70d9512618573
systemtap-client-0.9.7-5.el5_4.3.ppc64.rpm     MD5: a3363c209658043f23ac8f77078ff869
systemtap-initscript-0.9.7-5.el5_4.3.ppc64.rpm     MD5: 69ebb18ed52aed668ea934335387143d
systemtap-runtime-0.9.7-5.el5_4.3.ppc64.rpm     MD5: 3d7b5de8e4b55972a919437615cd64da
systemtap-sdt-devel-0.9.7-5.el5_4.3.ppc64.rpm     MD5: cc5b0ec75ee16182e6524e0664baef91
systemtap-server-0.9.7-5.el5_4.3.ppc64.rpm     MD5: ac6e630fe0c4a4c7af48f20c446b8683
systemtap-testsuite-0.9.7-5.el5_4.3.ppc64.rpm     MD5: a8463120915225ea1631f9c18ff6ac8a
 
s390x:
systemtap-0.9.7-5.el5_4.3.s390x.rpm     MD5: a502fa63a5432ee811a6f896bf19c468
systemtap-client-0.9.7-5.el5_4.3.s390x.rpm     MD5: 9c09f900f6a34e01e243d4ea269b8e47
systemtap-initscript-0.9.7-5.el5_4.3.s390x.rpm     MD5: 0b3b5b3b32e2cf05d3cd98cb16105683
systemtap-runtime-0.9.7-5.el5_4.3.s390x.rpm     MD5: e83fc219dc83dcb24a09c1418e7c5242
systemtap-sdt-devel-0.9.7-5.el5_4.3.s390.rpm     MD5: b4f36cc6cfbc2d75b198248a50af825e
systemtap-sdt-devel-0.9.7-5.el5_4.3.s390x.rpm     MD5: decd1a703b223b7f138c3b58a77458a6
systemtap-server-0.9.7-5.el5_4.3.s390x.rpm     MD5: 44061b50afbcbbce8ce5b109fae4a658
systemtap-testsuite-0.9.7-5.el5_4.3.s390x.rpm     MD5: 8452471ba8a88d2902c0ec3f087a3a23
 
x86_64:
systemtap-0.9.7-5.el5_4.3.x86_64.rpm     MD5: f972faae78d17b60235f8fe8b99e48b1
systemtap-client-0.9.7-5.el5_4.3.x86_64.rpm     MD5: 8f776aa59fac45421477a6112f02781f
systemtap-initscript-0.9.7-5.el5_4.3.x86_64.rpm     MD5: efecfc1ae77ea70138ec2bc7582538b1
systemtap-runtime-0.9.7-5.el5_4.3.x86_64.rpm     MD5: e7bf07fe4ed32f1fca93cee0227d7583
systemtap-sdt-devel-0.9.7-5.el5_4.3.i386.rpm     MD5: 06946b45de9cb2747ca236e43248b18c
systemtap-sdt-devel-0.9.7-5.el5_4.3.x86_64.rpm     MD5: f06dc9454b618d4bd964605761060eb8
systemtap-server-0.9.7-5.el5_4.3.x86_64.rpm     MD5: 03a62cacb29edfd5934c742b3865f936
systemtap-testsuite-0.9.7-5.el5_4.3.x86_64.rpm     MD5: 3772407bb7f597d8a5a0860a25998fcd
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

550172 - CVE-2009-4273 systemtap: remote code execution via stap-server
559719 - CVE-2010-0411 systemtap: Crash with systemtap script using __get_argv()


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/