CVE-2017-1000379

HIGH

Linux Kernel <4.11.5 - Memory Corruption

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2017-1000379. PoCs published by Qualys Corporation.

AI-analyzed exploit summary This exploit leverages CVE-2017-1000379, a vulnerability in the Linux dynamic loader (ld.so) related to the handling of the HWCAP mechanism. It injects a malicious shared library to gain root privileges by manipulating the loader's behavior during program execution.

Description

The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing attackers to more easily manipulate the stack. Linux Kernel version 4.11.5 is affected.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Qualys Corporation · clocallinux_x86-64
https://www.exploit-db.com/exploits/42275

This exploit leverages CVE-2017-1000379, a vulnerability in the Linux dynamic loader (ld.so) related to the handling of the HWCAP mechanism. It injects a malicious shared library to gain root privileges by manipulating the loader's behavior during program execution.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Complex
Reliability
Reliable
Target: Linux dynamic loader (ld.so) on various distributions (Debian, Ubuntu, Fedora, CentOS)
No auth needed
Prerequisites: Access to a vulnerable Linux system · Ability to compile and execute the exploit
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (17)

Core 17
Core References
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2017:1491
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2017:1486
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2017:1489
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2017:1490
Third Party Advisory, VDB Entry x_refsource_confirm
https://access.redhat.com/security/cve/CVE-2017-1000379
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2017:1482
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2017:1647
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/99284
Third Party Advisory, VDB Entry exploit x_refsource_exploit-db
https://www.exploit-db.com/exploits/42275/
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2017:1616
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2017:1712
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2017:1487
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2017:1484
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2017:1842
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2017:1485
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2017:1488

Scores

CVSS v3 7.8
EPSS 0.0066
EPSS Percentile 71.8%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

Status published
Products (1)
linux/linux_kernel 2.6.12 - 3.2.90
Published Jun 19, 2017
Tracked Since Feb 18, 2026