CVE-2017-1000379

high

Description

The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing attackers to more easily manipulate the stack. Linux Kernel version 4.11.5 is affected.

References

https://www.exploit-db.com/exploits/42275/

https://access.redhat.com/security/cve/CVE-2017-1000379

https://access.redhat.com/errata/RHSA-2017:1842

https://access.redhat.com/errata/RHSA-2017:1712

https://access.redhat.com/errata/RHSA-2017:1647

https://access.redhat.com/errata/RHSA-2017:1616

https://access.redhat.com/errata/RHSA-2017:1491

https://access.redhat.com/errata/RHSA-2017:1490

https://access.redhat.com/errata/RHSA-2017:1489

https://access.redhat.com/errata/RHSA-2017:1488

https://access.redhat.com/errata/RHSA-2017:1487

https://access.redhat.com/errata/RHSA-2017:1486

https://access.redhat.com/errata/RHSA-2017:1485

https://access.redhat.com/errata/RHSA-2017:1484

https://access.redhat.com/errata/RHSA-2017:1482

http://www.securityfocus.com/bid/99284

Details

Source: Mitre, NVD

Published: 2017-06-19

Updated: 2023-01-17

Risk Information

CVSS v2

Base Score: 7.2

Vector: CVSS2#AV:L/AC:L/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H