CESA-2011:1089 -- centos 5 i386 systemtapID: oval:org.secpod.oval:def:201482 | Date: (C)2012-01-31 (M)2023-11-09 |
Class: PATCH | Family: unix |
SystemTap is an instrumentation system for systems running the Linux kernel. The system allows developers to write scripts to collect data on the operation of the system. A race condition flaw was found in the way the staprun utility performed module loading. A local user who is a member of the stapusr group could use this flaw to modify a signed module while it is being loaded, allowing them to escalate their privileges. SystemTap users should upgrade to these updated packages, which contain a backported patch to correct this issue.