CVE-2009-2911 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2009-2911): SystemTap 1.0, when the --unprivileged option is used, does not properly restrict certain data sizes, which allows local users to (1) cause a denial of service or gain privileges via a print operation with a large number of arguments that trigger a kernel stack overflow, (2) cause a denial of service via crafted DWARF expressions that trigger a kernel stack frame overflow, or (3) cause a denial of service (infinite loop) via vectors that trigger creation of large unwind tables, related to Common Information Entry (CIE) and Call Frame Instruction (CFI) records.
I've committed 1.0-r1 to the tree, grabbing the three patches from Red Hat.
Thank you. Closing noglsa.
Security: Please note that >=dev-util/systemtap-1 is hardmasked on selinux/ profiles, which means this fix will not be available for selinux users.
Earlier versions (before 1.0) did not suffer from this vulnerability, so it is not an issue for them.