Skip to main content

Systemtap CVE-2012-0875

MEDIUM
Permissions, Privileges, and Access Controls (CWE-264)
2014-02-04 secalert@redhat.com
5.4
CVSS 2.0 · NVD
Share

Severity by source

NVD PRIMARY
5.4 MEDIUM
AV:L/AC:M/Au:N/C:P/I:N/A:C

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

AV:L/AC:M/Au:N/C:P/I:N/A:C
Attack Vector
Local
Attack Complexity
M
Confidentiality
P
Integrity
None
Availability
C

Lifecycle Timeline

1
CVE Published
Feb 04, 2014 - 23:55 cve.org
MEDIUM 5.4

DescriptionCVE.org

SystemTap 1.7, 1.6.7, and probably other versions, when unprivileged mode is enabled, allows local users to obtain sensitive information from kernel memory or cause a denial of service (kernel panic and crash) via vectors related to crafted DWARF data, which triggers a read of an invalid pointer.

AnalysisAI

SystemTap 1.7, 1.6.7, and probably other versions, when unprivileged mode is enabled, allows local users to obtain sensitive information from kernel memory or cause a denial of service (kernel panic. Rated medium severity (CVSS 5.4). No vendor patch available.

Technical ContextAI

This vulnerability is classified under CWE-264. SystemTap 1.7, 1.6.7, and probably other versions, when unprivileged mode is enabled, allows local users to obtain sensitive information from kernel memory or cause a denial of service (kernel panic and crash) via vectors related to crafted DWARF data, which triggers a read of an invalid pointer. Affected products include: Systemtap.

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.

Share

CVE-2012-0875 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy