Detections
Analytics

MiracleLinux 3 : systemtap-1.6-7.AXS3 (AXSA:2012-344:01)

critical Nessus Plugin ID 283905

Synopsis

The remote MiracleLinux host is missing a security update.

Description

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2012-344:01 advisory.

 SystemTap is an instrumentation system for systems running Linux 2.6. Developers can write instrumentation to collect data on the operation of the system.
 Security issues fixed with this release:
 CVE-2012-0875 No information available at the time of writing, please refer to the CVE links below.
 Fixed bugs:
 Upgraded to upstream version 1.6.
 For the with server portion of the SystemTap buildok test suite, the server needs an authorized certificate for signing the code built by the compiler server. Sometimes, a client running the test suite never obtained the authorized certificate and additional failures were reported by the test suite compared to the self-hosted buildok test runs. This has been fixed: results for the with server portion of test suite match those for the self-hosted test suite.
 To prevent data corruption, the systemtap data structure to track address accesses requires a locking mechanism. If excessive contention for reading the data structure occured, the spinlocks that were used could cause kernel panics. The locking mechanism has been changed to rwlock, which fixes this bug.
 The debugfs directory associated with a systemtap script could remain in the system after the script exited, preventing subsequent scripts from creating their own debugfs directories unless the system was rebooted. This has been fixed: debugfs directories are removed every time a systemtap script exits.
 The tracepoint names for older kernels' so probe points and newer kernels' irq.stp tapset did not match.
 As a result, the softirq.* probe points were not found on kernels in Asianux Server 3. This has been fixed.
 The operands in the newest version of user-space markers could sometimes not be parsed, and some tests failed. The updated systemtap handles those operands as expected now.
 The memory.stp tapset's vm.write_shared_copy probe used by the memory-write_shared_copy.stp test in systemtap earlier versions was a dummy: it let the test case falsely pass. It later became a real probe but cannot be resolved on Asianux Server 3 kernel because of incomplete debug information generated by the gcc compiler and the test would fail and appear as regression. This test case is now designated as a known failure (KFAIL) and does not appear as a regression any longer.

Tenable has extracted the preceding description block directly from the MiracleLinux security advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Update the affected systemtap and / or systemtap-runtime packages.

See Also

https://tsn.miraclelinux.com/en/node/2836

Plugin Details

Severity: Critical

ID: 283905

File Name: miracle_linux_AXSA-2012-344.nasl

Version: 1.1

Type: local

Published: 1/14/2026

Updated: 1/14/2026

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.2

Vendor

Vendor Severity: High

CVSS v2

Risk Factor: Medium

Base Score: 5.4

Temporal Score: 4

Vector: CVSS2#AV:L/AC:M/Au:N/C:P/I:N/A:C

CVSS Score Source: CVE-2012-0875

CVSS v3

Risk Factor: Critical

Base Score: 9.1

Temporal Score: 7.9

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/o:miracle:linux:3, p-cpe:/a:miracle:linux:systemtap, p-cpe:/a:miracle:linux:systemtap-runtime

Required KB Items: Host/local_checks_enabled, Host/cpu, Host/MiracleLinux/release, Host/MiracleLinux/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 3/14/2012

Vulnerability Publication Date: 2/22/2012

Reference Information

CVE: CVE-2012-0875