Skip to navigation

Security Advisory Moderate: systemtap security update

Advisory: RHSA-2011:1089-1
Type: Security Advisory
Severity: Moderate
Issued on: 2011-07-25
Last updated on: 2011-07-25
Affected Products: Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)
CVEs (cve.mitre.org): CVE-2011-2503

Details

Updated systemtap packages that fix one security issue are now available
for Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having moderate
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.

SystemTap is an instrumentation system for systems running the Linux
kernel. The system allows developers to write scripts to collect data on
the operation of the system.

A race condition flaw was found in the way the staprun utility performed
module loading. A local user who is a member of the stapusr group could use
this flaw to modify a signed module while it is being loaded, allowing them
to escalate their privileges. (CVE-2011-2503)

SystemTap users should upgrade to these updated packages, which contain a
backported patch to correct this issue.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

Updated packages

Red Hat Enterprise Linux (v. 5 server)

SRPMS:
systemtap-1.3-9.el5.src.rpm
File outdated by:  RHBA-2013:0058
    MD5: f9518025fecd3c48cd7dfe3c44c70467
SHA-256: 8b9427347045f457a8e0262b063456d2b6894f038765111d89990f0fca505fdc
 
IA-32:
systemtap-1.3-9.el5.i386.rpm
File outdated by:  RHBA-2013:0058
    MD5: 0ef30216183541e9d3ab22fd69232a23
SHA-256: 5942a42173f395363c3d594a2f63a8d47389e0e30010b53ae10d5a634d5ad9c6
systemtap-client-1.3-9.el5.i386.rpm
File outdated by:  RHBA-2013:0058
    MD5: b330aa8ae5bb3619feb5156d096e1097
SHA-256: b60e7db972dad706b47750c9f6dcbc20744dfb5c28f3edb736d163474290c6c8
systemtap-initscript-1.3-9.el5.i386.rpm
File outdated by:  RHBA-2013:0058
    MD5: 472963b59fb03fd29d136c5829950c3a
SHA-256: e4fa667c4ff2fb7971ee7ccfcecbe4cd0aa34174479a603a7f74b7cd1da78302
systemtap-runtime-1.3-9.el5.i386.rpm
File outdated by:  RHBA-2013:0058
    MD5: e93777b4215a0a552ab5d74d60a5a2a8
SHA-256: 150f6f8c9a3fbf743d63ed88e24fc895a2e52cbebaef0e2a524f908dea847148
systemtap-sdt-devel-1.3-9.el5.i386.rpm
File outdated by:  RHBA-2013:0058
    MD5: 64ed745f3d8be3a3398d952377aa26ff
SHA-256: 4c2605f4627fa518d9d56e4ac7f378f44fe8f9bc7ad15cadd412310fb6aac0ee
systemtap-server-1.3-9.el5.i386.rpm
File outdated by:  RHBA-2013:0058
    MD5: 81b0d08b18bc793cc08e30d47b3dd7c3
SHA-256: 244fff713d29ede9dad7c8faba2f10e359891632be130cb55ac42214c28a2af9
systemtap-testsuite-1.3-9.el5.i386.rpm
File outdated by:  RHBA-2013:0058
    MD5: 42519b169b2f8ed16a31dbba36f45955
SHA-256: b901fd080d9dca1d0ea824e96dec9b1854888520425c78e5e4c1f38e8f39db09
 
IA-64:
systemtap-1.3-9.el5.ia64.rpm
File outdated by:  RHBA-2013:0058
    MD5: f76e6163a853b0a5a23012615d5702f1
SHA-256: 158d94d50d8c386299a7568f17699b76868ad68f935f0c84a2407a62cdbf7d6a
systemtap-client-1.3-9.el5.ia64.rpm
File outdated by:  RHBA-2013:0058
    MD5: 8c2f47a3047e36efa90dcb7d19fc010f
SHA-256: 9d70eb31e3470868faffb161ebff1c6dec04ce3879516632ab0db196e2a8a88f
systemtap-initscript-1.3-9.el5.ia64.rpm
File outdated by:  RHBA-2013:0058
    MD5: 437d872be039d38fee3a5729e2c3ca01
SHA-256: 78b03495a95ab6179a9f3a5cb644871aa54415c8e7e4d8de8231adf608d7e831
systemtap-runtime-1.3-9.el5.ia64.rpm
File outdated by:  RHBA-2013:0058
    MD5: 654e3a1c26f9f7aa97fc952d2aa7eea2
SHA-256: f305c1451fd73367b96ff98c7b576405626b8e9becf8965031793295061821c6
systemtap-sdt-devel-1.3-9.el5.ia64.rpm
File outdated by:  RHBA-2013:0058
    MD5: 454a964ba2a587a0d6787ff9bb28b1b8
SHA-256: 5042d9fcb669f6038a8eb90cc896e39a8aa84f69dbe5d1efbd1411ffd9d9ff02
systemtap-server-1.3-9.el5.ia64.rpm
File outdated by:  RHBA-2013:0058
    MD5: 7c017752235785677bd9d6bfca49a6e2
SHA-256: 00c41ff0e9f5bb8176003b90c4963dea3b459490665d6b297756537aa0c6d500
systemtap-testsuite-1.3-9.el5.ia64.rpm
File outdated by:  RHBA-2013:0058
    MD5: 55e7c2231abb5249a3500f2660dbee71
SHA-256: 789e5e9d74d158ad6da3a07733d996f3df14b13769f0dce5ad795bff03ca9f22
 
PPC:
systemtap-1.3-9.el5.ppc64.rpm
File outdated by:  RHBA-2013:0058
    MD5: 0fca49624c7a19bf312430a06a227d1e
SHA-256: 3fdd2ab8af956d34d407f3705a8889e3e33c2e83dffe4dc0f6abe33383513b7a
systemtap-client-1.3-9.el5.ppc64.rpm
File outdated by:  RHBA-2013:0058
    MD5: 4914a223f8ff5b0f439f996df69298d7
SHA-256: ba7da651af91b47a83b671f71aa6cb722047e1dde86a4a3f0b0d1d538c418bc4
systemtap-initscript-1.3-9.el5.ppc64.rpm
File outdated by:  RHBA-2013:0058
    MD5: 2771b9dd7186892caa7604ccb339acb3
SHA-256: dd2868e3d2d22a0b760f2071c72195da2e1516ff32e72517faa533908b575616
systemtap-runtime-1.3-9.el5.ppc64.rpm
File outdated by:  RHBA-2013:0058
    MD5: b7a838c547a2aafc4f3280227e90e462
SHA-256: d293c38abf72791f0c29712de2c259955fd32d04483cb2104707a478cb5c5e61
systemtap-sdt-devel-1.3-9.el5.ppc64.rpm
File outdated by:  RHBA-2013:0058
    MD5: 62bea5334d1d0dcf186245136795a84c
SHA-256: 923b60a25395faaf556d10292fcd14f9da67f67a4b221c4e6b4f5abab5147bf6
systemtap-server-1.3-9.el5.ppc64.rpm
File outdated by:  RHBA-2013:0058
    MD5: cb973ea52087147c2bb44de022943443
SHA-256: 8955a007a1c1454f775255c6850e4685864397d6c496717489e9c42254ff8ae4
systemtap-testsuite-1.3-9.el5.ppc64.rpm
File outdated by:  RHBA-2013:0058
    MD5: bbae844c7f373775c42dde206177541e
SHA-256: 5d549c5d914948ec563779b9df9c8b4718d5bf6e7cbb6a1cb9c75a63cb1ae1bc
 
s390x:
systemtap-1.3-9.el5.s390x.rpm
File outdated by:  RHBA-2013:0058
    MD5: b96d0a497ada9d21eacd60f0210acdc2
SHA-256: 3c90bc05badf05edb5eaa21cdccb69c4d72a3f7c0a57579527f9ef0154e2a926
systemtap-client-1.3-9.el5.s390x.rpm
File outdated by:  RHBA-2013:0058
    MD5: 1233cf26e164e55f488dcb4d659964a3
SHA-256: 1676aa8c99cff6b3c51aac6030da3d1c30476a7753171bbb17076608e9c291d4
systemtap-initscript-1.3-9.el5.s390x.rpm
File outdated by:  RHBA-2013:0058
    MD5: 6b69e22c73ef76504c086a195948d590
SHA-256: 606c1ce54f42bb9b8a07a90c74e64b53c41768a68aa461fe991cf4258dec6d19
systemtap-runtime-1.3-9.el5.s390x.rpm
File outdated by:  RHBA-2013:0058
    MD5: 9e99235dea1c27d2cf2cb66af75f63dc
SHA-256: 06e12101ec13d37e68ba142ada553bc04fc299d18645332e318e2e0766a5c394
systemtap-sdt-devel-1.3-9.el5.s390.rpm
File outdated by:  RHBA-2013:0058
    MD5: 81cf9362a558bbd8c7c855f5d3da8c33
SHA-256: 800033f5a73a3c6ace6da7f4e0ed73b44759d4886bf1d93645c310d5168e98a7
systemtap-sdt-devel-1.3-9.el5.s390x.rpm
File outdated by:  RHBA-2013:0058
    MD5: a2a888fe8c17b0f95dbefb3f873f410b
SHA-256: 6257c03a03cc3bff297f913d9a7932a0d6de98b5c307d07c83d30152fb730233
systemtap-server-1.3-9.el5.s390x.rpm
File outdated by:  RHBA-2013:0058
    MD5: dd2420dc5fc1a42e4b944cca23e42177
SHA-256: b45dd6af988f0d0a4dc0d99a56a2d4e5592459db8566f37dba67de867704c08c
systemtap-testsuite-1.3-9.el5.s390x.rpm
File outdated by:  RHBA-2013:0058
    MD5: dd419e0926f7336069d77e55595b776e
SHA-256: c788a540353710d2b01999fbfa759674827357d29f450b03258ebc55522f1608
 
x86_64:
systemtap-1.3-9.el5.x86_64.rpm
File outdated by:  RHBA-2013:0058
    MD5: 1f1f4035a3b6369dfa5755cf3fe03b41
SHA-256: 1ba4b6b14aa6c3bb86f60a320180d265445654948a7ba757454a2d45638dc717
systemtap-client-1.3-9.el5.x86_64.rpm
File outdated by:  RHBA-2013:0058
    MD5: 73164e8e5bd4c4debb064f9590f5a69f
SHA-256: bfd2920c7c0dc757eba5aee736e4eb05b03a2c38ec81ec2d168a2dba30b8a09e
systemtap-initscript-1.3-9.el5.x86_64.rpm
File outdated by:  RHBA-2013:0058
    MD5: 18f4d762c7691faa38b2e5256eb1ad64
SHA-256: a1c80b6f567d245f5ebd832873aff265062c5f1e03dab4360d9e5e6c95494997
systemtap-runtime-1.3-9.el5.x86_64.rpm
File outdated by:  RHBA-2013:0058
    MD5: c81b6bcab04f882a7d855fc958cab110
SHA-256: 65ac795872ef5153fb309e8b9e63ad100a92f28dd5606d815faf83fce906b856
systemtap-sdt-devel-1.3-9.el5.i386.rpm
File outdated by:  RHBA-2013:0058
    MD5: 64ed745f3d8be3a3398d952377aa26ff
SHA-256: 4c2605f4627fa518d9d56e4ac7f378f44fe8f9bc7ad15cadd412310fb6aac0ee
systemtap-sdt-devel-1.3-9.el5.x86_64.rpm
File outdated by:  RHBA-2013:0058
    MD5: 1ecb36f3fe6741972feca7dcf3af0731
SHA-256: 55c1e4eb93756a08c7776c6bc568269a7ba2258c17bc2b2a60479305fbcca4cc
systemtap-server-1.3-9.el5.x86_64.rpm
File outdated by:  RHBA-2013:0058
    MD5: 084f447710b1ddddf34ed46a7ed04d87
SHA-256: 0d2af89b4c266fb6d514ade24e6ea59336b6741b67e8400c04c45898931a8c6d
systemtap-testsuite-1.3-9.el5.x86_64.rpm
File outdated by:  RHBA-2013:0058
    MD5: d5b75da36663c9e4ad393a281053830b
SHA-256: a4a84f3231ab0e95871287505bf65be47cb82e096aae815e1f78232920d5fa4b
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
systemtap-1.3-9.el5.src.rpm
File outdated by:  RHBA-2013:0058
    MD5: f9518025fecd3c48cd7dfe3c44c70467
SHA-256: 8b9427347045f457a8e0262b063456d2b6894f038765111d89990f0fca505fdc
 
IA-32:
systemtap-1.3-9.el5.i386.rpm
File outdated by:  RHBA-2013:0058
    MD5: 0ef30216183541e9d3ab22fd69232a23
SHA-256: 5942a42173f395363c3d594a2f63a8d47389e0e30010b53ae10d5a634d5ad9c6
systemtap-client-1.3-9.el5.i386.rpm
File outdated by:  RHBA-2013:0058
    MD5: b330aa8ae5bb3619feb5156d096e1097
SHA-256: b60e7db972dad706b47750c9f6dcbc20744dfb5c28f3edb736d163474290c6c8
systemtap-initscript-1.3-9.el5.i386.rpm
File outdated by:  RHBA-2013:0058
    MD5: 472963b59fb03fd29d136c5829950c3a
SHA-256: e4fa667c4ff2fb7971ee7ccfcecbe4cd0aa34174479a603a7f74b7cd1da78302
systemtap-runtime-1.3-9.el5.i386.rpm
File outdated by:  RHBA-2013:0058
    MD5: e93777b4215a0a552ab5d74d60a5a2a8
SHA-256: 150f6f8c9a3fbf743d63ed88e24fc895a2e52cbebaef0e2a524f908dea847148
systemtap-sdt-devel-1.3-9.el5.i386.rpm
File outdated by:  RHBA-2013:0058
    MD5: 64ed745f3d8be3a3398d952377aa26ff
SHA-256: 4c2605f4627fa518d9d56e4ac7f378f44fe8f9bc7ad15cadd412310fb6aac0ee
systemtap-server-1.3-9.el5.i386.rpm
File outdated by:  RHBA-2013:0058
    MD5: 81b0d08b18bc793cc08e30d47b3dd7c3
SHA-256: 244fff713d29ede9dad7c8faba2f10e359891632be130cb55ac42214c28a2af9
systemtap-testsuite-1.3-9.el5.i386.rpm
File outdated by:  RHSA-2012:0376
    MD5: 42519b169b2f8ed16a31dbba36f45955
SHA-256: b901fd080d9dca1d0ea824e96dec9b1854888520425c78e5e4c1f38e8f39db09
 
x86_64:
systemtap-1.3-9.el5.x86_64.rpm
File outdated by:  RHBA-2013:0058
    MD5: 1f1f4035a3b6369dfa5755cf3fe03b41
SHA-256: 1ba4b6b14aa6c3bb86f60a320180d265445654948a7ba757454a2d45638dc717
systemtap-client-1.3-9.el5.x86_64.rpm
File outdated by:  RHBA-2013:0058
    MD5: 73164e8e5bd4c4debb064f9590f5a69f
SHA-256: bfd2920c7c0dc757eba5aee736e4eb05b03a2c38ec81ec2d168a2dba30b8a09e
systemtap-initscript-1.3-9.el5.x86_64.rpm
File outdated by:  RHBA-2013:0058
    MD5: 18f4d762c7691faa38b2e5256eb1ad64
SHA-256: a1c80b6f567d245f5ebd832873aff265062c5f1e03dab4360d9e5e6c95494997
systemtap-runtime-1.3-9.el5.x86_64.rpm
File outdated by:  RHBA-2013:0058
    MD5: c81b6bcab04f882a7d855fc958cab110
SHA-256: 65ac795872ef5153fb309e8b9e63ad100a92f28dd5606d815faf83fce906b856
systemtap-sdt-devel-1.3-9.el5.i386.rpm
File outdated by:  RHBA-2013:0058
    MD5: 64ed745f3d8be3a3398d952377aa26ff
SHA-256: 4c2605f4627fa518d9d56e4ac7f378f44fe8f9bc7ad15cadd412310fb6aac0ee
systemtap-sdt-devel-1.3-9.el5.x86_64.rpm
File outdated by:  RHBA-2013:0058
    MD5: 1ecb36f3fe6741972feca7dcf3af0731
SHA-256: 55c1e4eb93756a08c7776c6bc568269a7ba2258c17bc2b2a60479305fbcca4cc
systemtap-server-1.3-9.el5.x86_64.rpm
File outdated by:  RHBA-2013:0058
    MD5: 084f447710b1ddddf34ed46a7ed04d87
SHA-256: 0d2af89b4c266fb6d514ade24e6ea59336b6741b67e8400c04c45898931a8c6d
systemtap-testsuite-1.3-9.el5.x86_64.rpm
File outdated by:  RHSA-2012:0376
    MD5: d5b75da36663c9e4ad393a281053830b
SHA-256: a4a84f3231ab0e95871287505bf65be47cb82e096aae815e1f78232920d5fa4b
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

716489 - CVE-2011-2503 systemtap: signed module loading race condition


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/