Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
7.2
CVSSv2

CVE-2017-1000365

Published: 19/06/2017 Updated: 17/01/2023
CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9
CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8
VMScore: 643
Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Linux

Vulnerability Summary

The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but does not take the argument and environment pointers into account, which allows malicious users to bypass this limitation. This affects Linux Kernel versions 4.11.5 and previous versions. It appears that this feature was introduced in the Linux Kernel version 2.6.23.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

linux linux kernel

Vendor Advisories

Debian Security Advisories: DSA-3945-1 linux -- security update
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks CVE-2014-9940 A use-after-free flaw in the voltage and current regulator driver could allow a local user to cause a denial of service or potentially escalate privileges CVE-2017-7346 Li ...
Red Hat: CVE-2017-1000365
The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIMIT_INFINITY, but does not take the argument and environment pointers into account, which allows attackers to bypass this limitation ...
Ubuntu Security Notice: linux vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux-lts-trusty vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon regression
USN-3378-1 introduced a regression in the Linux kernel ...
Ubuntu Security Notice: linux-hwe vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux, linux-raspi2 vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux-lts-xenial vulnerabilities
Several security issues were fixed in the Linux kernel ...
Ubuntu Security Notice: linux-lts-xenial regression
USN-3378-2 introduced a regression the Linux Hardware Enablement kernel ...
Ubuntu Security Notice: linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon vulnerabilities
Several security issues were fixed in the Linux kernel ...
Arch Linux Issues:
The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but does not take the argument and environment pointers into account, which allows attackers to bypass this limitation This affects Linux Kernel versions 4115 and earlier It appears that this featur ...

References

NVD-CWE-noinfohttps://www.qualys.com/2017/06/19/stack-clash/stack-clash.txthttps://access.redhat.com/security/cve/CVE-2017-1000365http://www.securityfocus.com/bid/99156http://www.debian.org/security/2017/dsa-3945http://www.debian.org/security/2017/dsa-3927https://nvd.nist.govhttps://www.debian.org/security/./dsa-3945https://usn.ubuntu.com/3381-1/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000CVE-2024-4439unauthorizedCVE-2024-0042CVE-2024-31848CVE-2023-40694cache poisoningCVE-2024-23707firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook