CVE-2010-0411 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0411): Multiple integer signedness errors in the (1) __get_argv and (2) __get_compat_argv functions in tapset/aux_syscalls.stp in SystemTap 1.1 allow local users to cause a denial of service (script crash, or system crash or hang) via a process with a large number of arguments, leading to a buffer overflow.
CVE-2010-0412 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-0412): stap-server in SystemTap 1.1 does not properly restrict the value of the -B (aka BUILD) option, which allows attackers to have an unspecified impact via vectors associated with executing the make program, a different vulnerability than CVE-2009-4273.
Two more vulnerabilities in dev-util/systemtap. Upstream commit at: http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git;a=commit;h=b7565b41228bea196cefa3a7d43ab67f8f9152e2 To resolve these vulnerabilities, we should do one of the following: - bump to 1.3 and add the change at the above commit. - bump to the release after 1.3 when it is available.
=dev-util/systemtap-1.4 is in the tree and contains the fix for this. Closing NOGLSA.
