{"id":"CVE-2011-2502","details":"runtime/staprun/staprun_funcs.c in the systemtap runtime tool (staprun) in SystemTap before 1.6 does not properly validate modules when a module path is specified by a user for user-space probing, which allows local users in the stapusr group to gain privileges via a crafted module in the search path in the -u argument.","modified":"2026-04-10T03:41:50.924650Z","published":"2012-07-26T19:55:00Z","references":[{"type":"ADVISORY","url":"http://secunia.com/advisories/45377"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=716476"},{"type":"WEB","url":"http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=blob%3Bf=NEWS%3Bhb=304d73b1fea24af791f2a129fb141c5009eae6a8"},{"type":"WEB","url":"http://sources.redhat.com/git/gitweb.cgi?p=systemtap.git%3Ba=commitdiff%3Bh=4ecaadf545a729bb3e5f01f6f019716d49815d9a"}],"schema_version":"1.7.5"}