CVE-2017-1000379
First published: Mon Jun 19 2017(Updated: )
The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing attackers to more easily manipulate the stack. Linux Kernel version 4.11.5 is affected.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| debian/linux | 4.19.249-2 4.19.289-2 5.10.197-1 5.10.191-1 6.1.66-1 6.1.52-1 6.5.13-1 6.6.8-1 | |
| Linux kernel | >=2.6.12<3.2.90 | |
| Linux kernel | >=3.3<3.10.107 | |
| Linux kernel | >=3.11<3.16.45 | |
| Linux kernel | >=3.17<3.18.58 | |
| Linux kernel | >=3.19<4.1.42 | |
| Linux kernel | >=4.2<4.4.74 | |
| Linux kernel | >=4.5<4.9.34 | |
| Linux kernel | >=4.10<4.11.7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.securityfocus.com/bid/99284
- https://access.redhat.com/errata/RHSA-2017:1482
- https://access.redhat.com/errata/RHSA-2017:1484
- https://access.redhat.com/errata/RHSA-2017:1485
- https://access.redhat.com/errata/RHSA-2017:1486
- https://access.redhat.com/errata/RHSA-2017:1487
- https://access.redhat.com/errata/RHSA-2017:1488
- https://access.redhat.com/errata/RHSA-2017:1489
- https://access.redhat.com/errata/RHSA-2017:1490
- https://access.redhat.com/errata/RHSA-2017:1491
- https://access.redhat.com/errata/RHSA-2017:1616
- https://access.redhat.com/errata/RHSA-2017:1647
- https://access.redhat.com/errata/RHSA-2017:1712
- https://access.redhat.com/errata/RHSA-2017:1842
- https://access.redhat.com/security/cve/CVE-2017-1000379
- https://www.exploit-db.com/exploits/42275/
- https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
- https://security-tracker.debian.org/tracker/CVE-2017-1000379
Frequently Asked Questions
What is the vulnerability severity of CVE-2017-1000379?
CVE-2017-1000379 has a high severity rating, indicating significant risk to affected systems.
How do I fix CVE-2017-1000379?
To fix CVE-2017-1000379, upgrade to the patched versions of the Linux Kernel, specifically those released after 4.11.5.
What systems are affected by CVE-2017-1000379?
CVE-2017-1000379 affects Linux Kernel versions before 4.19.249, 4.19.289, 5.10.197, and various versions within the specified ranges.
Is there a known exploit for CVE-2017-1000379?
Yes, attackers can exploit CVE-2017-1000379 to manipulate the stack, increasing the risk of execution of arbitrary code.
How can I check if my system is vulnerable to CVE-2017-1000379?
You can check if your system is vulnerable to CVE-2017-1000379 by verifying the installed Linux Kernel version against the affected versions listed in the advisory.
- collector/security-tracker-debian
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/author
- agent/references
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- package-manager/debian
- vendor/linux
- canonical/linux kernel
- version/linux kernel/2.6.12
- version/linux kernel/3.3
- version/linux kernel/3.11
- version/linux kernel/3.17
- version/linux kernel/3.19
- version/linux kernel/4.2
- version/linux kernel/4.5
- version/linux kernel/4.10