CWE
787
Advisory Published
CVE Published
Updated

CVE-2017-1000255

First published: Tue Oct 03 2017(Updated: )

A flaw was found in the Linux kernels handling of signal frame processing where any user process can craft a signal frame and then do a sigreturn so that the kernel will take an exception (interrupt), and use the r1 value *from the signal frame* as the kernel stack pointer. As part of the exception entry the content of the signal frame is written to the kernel stack, allowing an attacker to overwrite arbitrary locations with arbitrary values. The exception handling does produce an oops, and a panic if panic_on_oops=1, but only after kernel memory has been over written. This flaw only affects PowerPC systems running on Power8 or later processors. References: <a href="http://seclists.org/oss-sec/2017/q4/51">http://seclists.org/oss-sec/2017/q4/51</a> This issue was introduced by commit: <a href="https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5d176f751ee3">https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5d176f751ee3</a> An upstream fix: <a href="https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=265e60a170d0a0ecfc2d20490134ed2c48dd45ab">https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=265e60a170d0a0ecfc2d20490134ed2c48dd45ab</a>

Credit: cve@mitre.org cve@mitre.org

Affected SoftwareAffected VersionHow to fix
Linux Linux kernel
Ibm Powerpc Power8
Ibm Powerpc Power9
All of
Linux Linux kernel
Any of
Ibm Powerpc Power8
Ibm Powerpc Power9
debian/linux
5.10.223-1
5.10.226-1
6.1.115-1
6.1.119-1
6.11.10-1
6.12.5-1

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Frequently Asked Questions

  • What is CVE-2017-1000255?

    CVE-2017-1000255 is a vulnerability on Linux running on PowerPC hardware that allows a user process to craft a signal frame and exploit it for privilege escalation.

  • How severe is CVE-2017-1000255 vulnerability?

    CVE-2017-1000255 is a medium severity vulnerability with a severity rating of 4.

  • How can I fix the CVE-2017-1000255 vulnerability?

    To fix CVE-2017-1000255, update your Linux kernel to version 4.13.0-17.20 or later.

  • Are there any security advisories related to CVE-2017-1000255?

    Yes, you can find more information about CVE-2017-1000255 in the following security advisories: http://seclists.org/oss-sec/2017/q4/51

  • Where can I find the source code patches for CVE-2017-1000255?

    You can find the source code patches for CVE-2017-1000255 in the following Git commits: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5d176f751ee3, https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=265e60a170d0a0ecfc2d20490134ed2c48dd45ab

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203