CVE-2017-1000366: Buffer Overflow
First published: Fri May 19 2017(Updated: )
glibc contains a vulnerability that allows specially crafted LD_LIBRARY_PATH values to manipulate the heap/stack, causing them to alias, potentially resulting in arbitrary code execution. Please note that additional hardening changes have been made to glibc to prevent manipulation of stack and heap memory but these issues are not directly exploitable, as such they have not been given a CVE. This affects glibc 2.25 and earlier.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Red Hat Enterprise Linux | =5 | |
| Red Hat Enterprise Linux | =6.0 | |
| Red Hat Enterprise Linux | =7.0 | |
| Red Hat Enterprise Linux Desktop | =6.0 | |
| Red Hat Enterprise Linux Desktop | =7.0 | |
| Red Hat Enterprise Linux Server | =6.0 | |
| Red Hat Enterprise Linux Server | =6.6 | |
| Red Hat Enterprise Linux Server | =7.0 | |
| Red Hat Enterprise Linux Server | =5.9 | |
| Red Hat Enterprise Linux Server | =6.2 | |
| Red Hat Enterprise Linux Server | =6.4 | |
| Red Hat Enterprise Linux Server | =6.5 | |
| Red Hat Enterprise Linux Server | =6.6 | |
| Red Hat Enterprise Linux Server | =7.2 | |
| Red Hat Enterprise Linux Server | =7.3 | |
| Red Hat Enterprise Linux Server | =7.4 | |
| Red Hat Enterprise Linux Server | =7.6 | |
| Red Hat Enterprise Linux Server | =6.2 | |
| Red Hat Enterprise Linux Server | =6.5 | |
| Red Hat Enterprise Linux Server | =6.7 | |
| Red Hat Enterprise Linux Server | =7.2 | |
| Red Hat Enterprise Linux Server | =7.3 | |
| Red Hat Enterprise Linux Server | =7.4 | |
| Red Hat Enterprise Linux Server | =7.5 | |
| Red Hat Enterprise Linux Server | =7.6 | |
| Red Hat Enterprise Linux Server Long Life | =5.9 | |
| Red Hat Enterprise Linux Server | =6.5 | |
| Red Hat Enterprise Linux Server | =6.6 | |
| Red Hat Enterprise Linux Server | =7.2 | |
| Red Hat Enterprise Linux Server | =7.3 | |
| Red Hat Enterprise Linux Server | =7.6 | |
| Red Hat Enterprise Linux Workstation | =6.0 | |
| Red Hat Enterprise Linux Workstation | =7.0 | |
| OpenStack Magnum Orchestration | =7 | |
| SUSE Linux Enterprise Desktop | =12.0-sp2 | |
| SUSE Linux Enterprise Point of Sale | =11.0-sp3 | |
| SUSE Linux Enterprise Server | =11.0-sp3 | |
| SUSE Linux | =42.2 | |
| SUSE Linux Enterprise Server | =12-sp1 | |
| SUSE Linux Enterprise Server | =10-sp4 | |
| SUSE Linux Enterprise Server | =11-sp4 | |
| SUSE Linux Enterprise Server | =12-sp1 | |
| SUSE Linux Enterprise Server | =12-sp2 | |
| SUSE Linux Enterprise Server | =12-sp2 | |
| SUSE Linux Enterprise Server | =12-sp2 | |
| SUSE Linux Enterprise Software Development Kit | =11.0-sp4 | |
| SUSE Linux Enterprise Software Development Kit | =12.0-sp2 | |
| GNU C Library (glibc) | <=2.25 | |
| Debian Linux | =8.0 | |
| Debian Linux | =9.0 | |
| McAfee Web Gateway Cloud Service | <=7.6.2.14 | |
| McAfee Web Gateway Cloud Service | >=7.7.0.0<=7.7.2.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html
- http://seclists.org/fulldisclosure/2019/Sep/7
- http://www.debian.org/security/2017/dsa-3887
- http://www.securityfocus.com/bid/99127
- http://www.securitytracker.com/id/1038712
- https://access.redhat.com/errata/RHSA-2017:1479
- https://access.redhat.com/errata/RHSA-2017:1480
- https://access.redhat.com/errata/RHSA-2017:1481
- https://access.redhat.com/errata/RHSA-2017:1567
- https://access.redhat.com/errata/RHSA-2017:1712
- https://access.redhat.com/security/cve/CVE-2017-1000366
- https://kc.mcafee.com/corporate/index?page=content&id=SB10205
- https://seclists.org/bugtraq/2019/Sep/7
- https://security.gentoo.org/glsa/201706-19
- https://www.exploit-db.com/exploits/42274/
- https://www.exploit-db.com/exploits/42275/
- https://www.exploit-db.com/exploits/42276/
- https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
- https://www.suse.com/security/cve/CVE-2017-1000366/
- https://www.suse.com/support/kb/doc/?id=7020973
Frequently Asked Questions
What is the severity of CVE-2017-1000366?
CVE-2017-1000366 is considered a critical vulnerability due to its potential for arbitrary code execution.
How do I fix CVE-2017-1000366?
To fix CVE-2017-1000366, you should update the affected glibc packages to a version that includes the relevant security patches.
What versions are affected by CVE-2017-1000366?
CVE-2017-1000366 affects various versions of Red Hat Enterprise Linux and several SUSE Linux distributions with specific glibc versions.
Can CVE-2017-1000366 lead to remote code execution?
Yes, CVE-2017-1000366 can potentially lead to remote code execution if exploited by an attacker using specially crafted LD_LIBRARY_PATH values.
Is CVE-2017-1000366 specific to Linux?
CVE-2017-1000366 specifically impacts the GNU C Library (glibc), primarily used in Linux operating systems.
- agent/type
- agent/first-publish-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2017-1000366
- agent/references
- agent/severity
- agent/weakness
- agent/remedy
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/trending
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/redhat
- canonical/red hat enterprise linux
- version/red hat enterprise linux/5
- version/red hat enterprise linux/6.0
- version/red hat enterprise linux/7.0
- canonical/red hat enterprise linux desktop
- version/red hat enterprise linux desktop/6.0
- version/red hat enterprise linux desktop/7.0
- canonical/red hat enterprise linux server
- version/red hat enterprise linux server/6.0
- version/red hat enterprise linux server/6.6
- version/red hat enterprise linux server/7.0
- version/red hat enterprise linux server/5.9
- version/red hat enterprise linux server/6.2
- version/red hat enterprise linux server/6.4
- version/red hat enterprise linux server/6.5
- version/red hat enterprise linux server/7.2
- version/red hat enterprise linux server/7.3
- version/red hat enterprise linux server/7.4
- version/red hat enterprise linux server/7.6
- version/red hat enterprise linux server/6.7
- version/red hat enterprise linux server/7.5
- canonical/red hat enterprise linux server long life
- version/red hat enterprise linux server long life/5.9
- canonical/red hat enterprise linux workstation
- version/red hat enterprise linux workstation/6.0
- version/red hat enterprise linux workstation/7.0
- vendor/openstack
- canonical/openstack magnum orchestration
- version/openstack magnum orchestration/7
- vendor/novell
- canonical/suse linux enterprise desktop
- version/suse linux enterprise desktop/12.0-sp2
- canonical/suse linux enterprise point of sale
- version/suse linux enterprise point of sale/11.0-sp3
- canonical/suse linux enterprise server
- version/suse linux enterprise server/11.0-sp3
- vendor/opensuse
- canonical/suse linux
- version/suse linux/42.2
- vendor/suse
- version/suse linux enterprise server/12-sp1
- version/suse linux enterprise server/10-sp4
- version/suse linux enterprise server/11-sp4
- version/suse linux enterprise server/12-sp2
- canonical/suse linux enterprise software development kit
- version/suse linux enterprise software development kit/11.0-sp4
- version/suse linux enterprise software development kit/12.0-sp2
- vendor/gnu
- canonical/gnu c library (glibc)
- version/gnu c library (glibc)/2.25
- vendor/debian
- canonical/debian linux
- version/debian linux/8.0
- version/debian linux/9.0
- vendor/mcafee
- canonical/mcafee web gateway cloud service
- version/mcafee web gateway cloud service/7.6.2.14
- version/mcafee web gateway cloud service/7.7.0.0
- version/mcafee web gateway cloud service/7.7.2.2