Bug 263037 (CVE-2009-0784)

Summary:	dev-util/systemtap race condition leading to privilege escalation (CVE-2009-0784)
Product:	Gentoo Security	Reporter:	Robert Buchholz (RETIRED) <rbu>
Component:	Vulnerabilities	Assignee:	Gentoo Security <security>
Status:	RESOLVED FIXED
Severity:	normal	CC:	swegener
Priority:	High
Version:	unspecified
Hardware:	All
OS:	Linux
URL:	http://secunia.com/advisories/34475/
Whiteboard:	~1 [noglsa]
Package list:		Runtime testing required:	---

Description Robert Buchholz (RETIRED) gentoo-dev

2009-03-19 13:13:13 UTC

** Please note that this issue is confidential and no information should be
disclosed until it is made public, see "Whiteboard" for a date **

Erik Sjölund reported a race condition where a user in group
stapusr can load a kernel object from anywhere on the filesystem due to
a race condition in the stap program.  This allows members of stapusr to
effectively elevate privileges to group stapdev or root.

Comment 1 Robert Buchholz (RETIRED) gentoo-dev

2009-03-19 13:14:10 UTC

This bug is purely for tracking purposes, as systemtap is not currently stable. Feel free to bump and patch after the embargo date.

Comment 2 Sven Wegener gentoo-dev

2009-03-29 09:01:21 UTC

I've commited 0.9.5 to the tree, it contains a fix for CVE-2009-0784.

Comment 3 Pierre-Yves Rofes (RETIRED) gentoo-dev

2009-03-29 17:26:54 UTC

public as per $URL. nothing more to do because ~arch only, closing.