Linux Kernel CVE-2017-1000379 Local Security Bypass Vulnerability

by CIRT Team

Description:  The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing attackers to more easily manipulate the stack. Linux Kernel version 4.11.5 is affected.

Impact: Attackers can exploit this issue to bypass certain security restrictions and perform unauthorized actions. Linux Kernel 4.11.5 is vulnerable; other versions may also be affected.

Mitigation: Updates are available. Please check specific vendor advisory for more information.

Reference URL’s:

• http://www.cvedetails.com/cve/CVE-2017-1000379/
• http://www.securityfocus.com/bid/99284/info
• https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
• https://bugzilla.redhat.com/show_bug.cgi?id=1462165
• https://access.redhat.com/security/cve/CVE-2017-1000379

CIRT Team

Recommended Posts

Active Exploitation of Critical F5 BIG – IP Vulnerability (CVE–2023-46747) Uncovered in Bangladesh

06 Nov 2024 - Security Advisories & Alerts

Emerging Threat_Stealer Malware (Lumma C2) Campaign with fake CAPTCHA pages

08 Oct 2024 - Security Advisories & Alerts

Detection of Fog Ransomware Footprint in Cyber Space of Bangladesh

12 Sep 2024 - Security Advisories & Alerts