Vulnerability CVE-2017-1000379


Published: 2017-06-19

Description:
The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing attackers to more easily manipulate the stack. Linux Kernel version 4.11.5 is affected.

See advisories in our WLB2 database:
Topic
Author
Date
Med.
Linux 'ldso_hwcap_64' Local Root Stack Clash Exploit
Qualys
29.06.2017

Type:

CWE-264

(Permissions, Privileges, and Access Controls)

Vendor: Linux
Product: Linux kernel 
Version: 4.11.5;

CVSS2 => (AV:L/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.2/10
10/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete

 References:
http://www.securityfocus.com/bid/99284
https://access.redhat.com/errata/RHSA-2017:1482
https://access.redhat.com/errata/RHSA-2017:1484
https://access.redhat.com/errata/RHSA-2017:1485
https://access.redhat.com/errata/RHSA-2017:1486
https://access.redhat.com/errata/RHSA-2017:1487
https://access.redhat.com/errata/RHSA-2017:1488
https://access.redhat.com/errata/RHSA-2017:1489
https://access.redhat.com/errata/RHSA-2017:1490
https://access.redhat.com/errata/RHSA-2017:1491
https://access.redhat.com/errata/RHSA-2017:1616
https://access.redhat.com/errata/RHSA-2017:1647
https://access.redhat.com/errata/RHSA-2017:1712
https://access.redhat.com/errata/RHSA-2017:1842
https://access.redhat.com/security/cve/CVE-2017-1000379
https://www.exploit-db.com/exploits/42275/
https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt

Related CVE
CVE-2018-7566
The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.
CVE-2017-18249
The add_free_nid function in fs/f2fs/node.c in the Linux kernel before 4.12 does not properly track an allocated nid, which allows local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent thre...
CVE-2017-18241
fs/f2fs/segment.c in the Linux kernel before 4.13 allows local users to cause a denial of service (NULL pointer dereference and panic) by using a noflush_merge option that triggers a NULL value for a flush_cmd_control data structure.
CVE-2018-8822
Incorrect buffer length handling in the ncp_read_kernel function in fs/ncpfs/ncplib_kernel.c in the Linux kernel through 4.15.11, and in drivers/staging/ncpfs/ncplib_kernel.c in the Linux kernel 4.16-rc through 4.16-rc6, could be exploited by malicio...
CVE-2018-1068
A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory.
CVE-2017-18232
The Serial Attached SCSI (SAS) implementation in the Linux kernel through 4.15.9 mishandles a mutex within libsas, which allows local users to cause a denial of service (deadlock) by triggering certain error-handling code.
CVE-2018-8087
Memory leak in the hwsim_new_radio_nl function in drivers/net/wireless/mac80211_hwsim.c in the Linux kernel through 4.15.9 allows local users to cause a denial of service (memory consumption) by triggering an out-of-array error case.
CVE-2017-18224
In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service (BUG) by modify...

Copyright 2018, cxsecurity.com

 

Back to Top