CVE-2017-1000379

HIGH

Linux Kernel <4.11.5 - Memory Corruption

Title source: llm

Description

The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing attackers to more easily manipulate the stack. Linux Kernel version 4.11.5 is affected.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Qualys Corporation · clocallinux_x86-64

https://www.exploit-db.com/exploits/42275

View Code ZIP pw:eip

References (17)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/99284

[Third Party Advisory] https://access.redhat.com/errata/RHSA-2017:1482

[Third Party Advisory] https://access.redhat.com/errata/RHSA-2017:1484

[Third Party Advisory] https://access.redhat.com/errata/RHSA-2017:1485

[Third Party Advisory] https://access.redhat.com/errata/RHSA-2017:1486

[Third Party Advisory] https://access.redhat.com/errata/RHSA-2017:1487

[Third Party Advisory] https://access.redhat.com/errata/RHSA-2017:1488

[Third Party Advisory] https://access.redhat.com/errata/RHSA-2017:1489

[Third Party Advisory] https://access.redhat.com/errata/RHSA-2017:1490

[Third Party Advisory] https://access.redhat.com/errata/RHSA-2017:1491

[Third Party Advisory] https://access.redhat.com/errata/RHSA-2017:1616

[Third Party Advisory] https://access.redhat.com/errata/RHSA-2017:1647

[Third Party Advisory] https://access.redhat.com/errata/RHSA-2017:1712

[Third Party Advisory] https://access.redhat.com/errata/RHSA-2017:1842

[Third Party Advisory, VDB Entry] https://access.redhat.com/security/cve/CVE-2017-1000379

[Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/42275/

[Third Party Advisory] https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt

Scores

CVSS v3 7.8

EPSS 0.0066

EPSS Percentile 71.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

Status published

Products (1)

linux/linux_kernel 2.6.12 - 3.2.90

Published Jun 19, 2017

Tracked Since Feb 18, 2026