CVE-2017-1000253: Linux Kernel PIE Stack Buffer Corruption Vulnerability
First published: Fri Sep 15 2017(Updated: )
A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable (PIE), the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID (or otherwise privileged) PIE binary could use this flaw to escalate their privileges on the system. Upstream patch: <a href="https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86">https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86</a>
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| CentOS CentOS | =6.0 | |
| CentOS CentOS | =6.1 | |
| CentOS CentOS | =6.2 | |
| CentOS CentOS | =6.3 | |
| CentOS CentOS | =6.4 | |
| CentOS CentOS | =6.5 | |
| CentOS CentOS | =6.6 | |
| CentOS CentOS | =6.7 | |
| CentOS CentOS | =6.8 | |
| CentOS CentOS | =6.9 | |
| CentOS CentOS | =7.1406 | |
| CentOS CentOS | =7.1503 | |
| CentOS CentOS | =7.1511 | |
| CentOS CentOS | =7.1611 | |
| Redhat Enterprise Linux | =6.0 | |
| Redhat Enterprise Linux | =6.1 | |
| Redhat Enterprise Linux | =6.2 | |
| Redhat Enterprise Linux | =6.3 | |
| Redhat Enterprise Linux | =6.4 | |
| Redhat Enterprise Linux | =6.5 | |
| Redhat Enterprise Linux | =6.6 | |
| Redhat Enterprise Linux | =6.7 | |
| Redhat Enterprise Linux | =6.8 | |
| Redhat Enterprise Linux | =6.9 | |
| Redhat Enterprise Linux | =7.0 | |
| Redhat Enterprise Linux | =7.1 | |
| Redhat Enterprise Linux | =7.2 | |
| Redhat Enterprise Linux | =7.3 | |
| Linux Linux kernel | >=2.6.25<3.2.70 | |
| Linux Linux kernel | >=3.3<3.4.109 | |
| Linux Linux kernel | >=3.5<3.10.77 | |
| Linux Linux kernel | >=3.11<3.12.43 | |
| Linux Linux kernel | >=3.13<3.14.41 | |
| Linux Linux kernel | >=3.15<3.16.35 | |
| Linux Linux kernel | >=3.17<3.18.14 | |
| Linux Linux kernel | >=3.19<3.19.7 | |
| Linux Linux kernel | >=4.0<4.0.2 | |
| Linux kernel |
Remedy
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86
- https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt
- https://access.redhat.com/errata/RHSA-2017:2800
- https://access.redhat.com/errata/RHSA-2017:2799
- https://access.redhat.com/errata/RHSA-2017:2798
- https://access.redhat.com/errata/RHSA-2017:2797
- https://access.redhat.com/errata/RHSA-2017:2794
- https://access.redhat.com/errata/RHSA-2017:2793
- https://access.redhat.com/errata/RHSA-2017:2796
- https://access.redhat.com/errata/RHSA-2017:2801
- https://access.redhat.com/errata/RHSA-2017:2802
- https://access.redhat.com/errata/RHSA-2017:2795
- https://bugzilla.redhat.com/show_bug.cgi?id=1492212
- http://www.securityfocus.com/bid/101010
- http://www.securitytracker.com/id/1039434
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a87938b2e246b81b4fb713edb371a9fa3c5c3c86;
- https://nvd.nist.gov/vuln/detail/CVE-2017-1000253
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2017-1000253
- agent/first-publish-date
- agent/type
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/severity
- agent/weakness
- collector/mitre-cve
- source/MITRE
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/author
- exploited/true
- ransomware/true
- collector/cisa-known-exploited
- source/CISA
- agent/references
- agent/title
- agent/remedy
- agent/softwarecombine
- agent/tags
- agent/description
- agent/event
- collector/nvd-cve
- vendor/centos
- canonical/centos centos
- version/centos centos/6.0
- version/centos centos/6.1
- version/centos centos/6.2
- version/centos centos/6.3
- version/centos centos/6.4
- version/centos centos/6.5
- version/centos centos/6.6
- version/centos centos/6.7
- version/centos centos/6.8
- version/centos centos/6.9
- version/centos centos/7.1406
- version/centos centos/7.1503
- version/centos centos/7.1511
- version/centos centos/7.1611
- vendor/redhat
- canonical/redhat enterprise linux
- version/redhat enterprise linux/6.0
- version/redhat enterprise linux/6.1
- version/redhat enterprise linux/6.2
- version/redhat enterprise linux/6.3
- version/redhat enterprise linux/6.4
- version/redhat enterprise linux/6.5
- version/redhat enterprise linux/6.6
- version/redhat enterprise linux/6.7
- version/redhat enterprise linux/6.8
- version/redhat enterprise linux/6.9
- version/redhat enterprise linux/7.0
- version/redhat enterprise linux/7.1
- version/redhat enterprise linux/7.2
- version/redhat enterprise linux/7.3
- vendor/linux
- canonical/linux linux kernel
- version/linux linux kernel/2.6.25
- version/linux linux kernel/3.3
- version/linux linux kernel/3.5
- version/linux linux kernel/3.11
- version/linux linux kernel/3.13
- version/linux linux kernel/3.15
- version/linux linux kernel/3.17
- version/linux linux kernel/3.19
- version/linux linux kernel/4.0
- canonical/linux kernel