CVE-2017-1000364

Common vulnerabilities & exposures (CVE)

CVE database CVE database blogpost Release & EoL database

Published at: - 19-06-2017 06:29

Last modified: - 26-10-2022 01:44

Total changes: - 3

Description

An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010).

Common Vulnerability Scoring System (CVSS)

CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

High

Attack complexity

Local

Attack vector

High

Availability

High

Confidentiality

High

Integrity

None

Privileges required

Unchanged

Scope

None

User interaction

7.4

Base score

1.4

5.9

Exploitability score

Impact score

Verification logic

Reference

https://www.suse.com/support/kb/doc/?id=7020973
https://www.suse.com/security/cve/CVE-2017-1000364/
https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
https://access.redhat.com/security/cve/CVE-2017-1000364
99130-Issue Tracking, VDB Entry
1038724-
https://kc.mcafee.com/corporate/index?page=content&id=SB10205
DSA-3886-
RHSA-2017:1712-
RHSA-2017:1647-
RHSA-2017:1616-
RHSA-2017:1567-
RHSA-2017:1491-
RHSA-2017:1490-
RHSA-2017:1489-
RHSA-2017:1488-
RHSA-2017:1487-
RHSA-2017:1486-
RHSA-2017:1485-
RHSA-2017:1484-
RHSA-2017:1483-
RHSA-2017:1482-
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03800en_us
https://kc.mcafee.com/corporate/index?page=content&id=SB10207
45625-

Keywords

CVE-2017-1000364

Common vulnerabilities & exposures (CVE)

Description

Common Vulnerability Scoring System (CVSS)

Verification logic

Reference

NVD

CVE-2017-1000364

CVE

Common vulnerabilities & exposures

CVSS

Common vulnerability scoring system

Security

Vulnerabilities

Exposures