The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing attackers to more easily manipulate the stack. Linux Kernel version 4.11.5 is affected.
The MITRE CVE dictionary describes this issue as:
Find out more about CVE-2017-1000379 from the MITRE CVE dictionary dictionary and NIST NVD.
This issue was part of the stack guard fixes that was fixed along side the CVE-2017-1000364 flaw. This issue has previously affected Red Hat Enterprise Linux 5,6,7 and MRG-2. This issue is currently fixed in most versions of shipping products.
CVSS3 Base Score | 2.9 |
---|---|
CVSS3 Base Metrics | CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N |
Attack Vector | Local |
Attack Complexity | High |
Privileges Required | None |
User Interaction | None |
Scope | Unchanged |
Confidentiality | None |
Integrity Impact | Low |
Availability Impact | None |
Platform | Errata | Release Date |
---|---|---|
Red Hat Enterprise Linux Server (v. 5 ELS) (kernel) | RHSA-2017:1482 | 2017-06-19 |
Red Hat Enterprise Linux Advanced Update Support 6.2 (kernel) | RHSA-2017:1491 | 2017-06-19 |
Red Hat Enterprise Linux Server TUS (v. 6.6) (kernel) | RHSA-2017:1488 | 2017-06-19 |
Red Hat Enterprise Linux for Real Time for NFV (v. 7) (kernel-rt) | RHSA-2017:1616 | 2017-06-28 |
Red Hat Enterprise Linux Advanced Update Support 6.5 (kernel) | RHSA-2017:1489 | 2017-06-19 |
Red Hat Enterprise Linux 6 (kernel) | RHSA-2017:1486 | 2017-06-19 |
Red Hat MRG Grid for RHEL 6 Server v.2 (kernel-rt) | RHSA-2017:1647 | 2017-06-28 |
Red Hat Enterprise Linux 7 (kernel) | RHSA-2017:1484 | 2017-06-20 |
Red Hat Enterprise Linux Extended Update Support 7.2 (kernel) | RHSA-2017:1485 | 2017-06-19 |
Red Hat Enterprise Linux Server TUS (v. 6.5) (kernel) | RHSA-2017:1489 | 2017-06-19 |
Red Hat Enterprise Linux Extended Update Support 6.7 (kernel) | RHSA-2017:1487 | 2017-06-19 |
Red Hat Enterprise Linux 7 (kernel) | RHSA-2017:1842 | 2017-08-01 |
Red Hat Enterprise Linux Advanced Update Support 6.6 (kernel) | RHSA-2017:1488 | 2017-06-19 |
Red Hat Enterprise Linux Advanced Update Support 6.4 (kernel) | RHSA-2017:1490 | 2017-06-19 |
Platform | Package | State |
---|---|---|
Red Hat Enterprise Linux 7 | kernel-alt | Will not fix |