SystemTap contains a flaw that may allow a local denial of service. The issue is triggered when parsing 'Debugging With Attributed Record Formats' (DWARF) expressions, which causes a kernel panic resulting in a loss of availability for the system.

Currently, there are no known workarounds or upgrades to correct this issue. However, a patch has been released in the GIT repository to address this vulnerability. Check the vendor advisory or solution in the references section.

• Security Tracker: 1026726
• CVE ID: 2012-0875 (see also: NVD)
• Bugtraq ID: 52121
• Vendor Specific Advisory URL: http://sourceware.org/bugzilla/show_bug.cgi?id=13714
• Vendor Specific Solution URL: http://sourceware.org/git/?p=systemtap.git;a=commit;h=16d59279f
  http://sourceware.org/git/?p=systemtap.git;a=commit;h=64b0cff3b
• Vendor URL: http://sourceware.org/systemtap/
• Vendor Specific News/Changelog Entry: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-0875

• Vincent Danen

NVD does not currently have a CVSSv2 score assigned.