- Vulnerability/
- USN-3324-1
USN-3324-1: Linux kernel vulnerability
First published: Thu Jun 22 2017(Updated: )
It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large enough to prevent overlapping with the heap. An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/linux-image-4.10.0-24-lowlatency | <4.10.0-24.28 | 4.10.0-24.28 |
| =17.04 | ||
| All of | ||
| ubuntu/linux-image-generic | <4.10.0.24.26 | 4.10.0.24.26 |
| =17.04 | ||
| All of | ||
| ubuntu/linux-image-generic-lpae | <4.10.0.24.26 | 4.10.0.24.26 |
| =17.04 | ||
| All of | ||
| ubuntu/linux-image-4.10.0-24-generic-lpae | <4.10.0-24.28 | 4.10.0-24.28 |
| =17.04 | ||
| All of | ||
| ubuntu/linux-image-4.10.0-24-generic | <4.10.0-24.28 | 4.10.0-24.28 |
| =17.04 | ||
| All of | ||
| ubuntu/linux-image-lowlatency | <4.10.0.24.26 | 4.10.0.24.26 |
| =17.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://ubuntu.com/security/CVE-2017-1000364
- https://ubuntu.com/security/notices/USN-3335-2
- https://ubuntu.com/security/notices/USN-3331-1
- https://ubuntu.com/security/notices/USN-3330-1
- https://ubuntu.com/security/notices/USN-3335-1
- https://ubuntu.com/security/notices/USN-3326-1
- https://ubuntu.com/security/notices/USN-3329-1
- https://ubuntu.com/security/notices/USN-3328-1
- https://ubuntu.com/security/notices/USN-3327-1
- https://ubuntu.com/security/notices/USN-3334-1
- https://ubuntu.com/security/notices/USN-3338-1
- https://ubuntu.com/security/notices/USN-3332-1
- https://ubuntu.com/security/notices/USN-3333-1
- https://ubuntu.com/security/notices/USN-3325-1
- https://launchpad.net/ubuntu/+source/linux/4.10.0-24.28
- https://ubuntu.com/security/notices/USN-3324-1 (Advisory)
Frequently Asked Questions
What is the vulnerability ID for this Linux kernel vulnerability?
The vulnerability ID for this Linux kernel vulnerability is USN-3324-1.
What is the description of the Linux kernel vulnerability?
The Linux kernel vulnerability allows an attacker to execute arbitrary code and gain administrative privileges by leveraging the insufficiently large stack guard page for processes.
Is there a fix available for this Linux kernel vulnerability?
Yes, there is a fix available for this Linux kernel vulnerability. Update to version 4.10.0-24.28 of the Linux kernel package or a later version to mitigate the vulnerability.
What software is affected by this Linux kernel vulnerability?
Ubuntu version 17.04 is affected by this Linux kernel vulnerability.
Where can I find more information about this Linux kernel vulnerability?
You can find more information about this Linux kernel vulnerability at the following references: [CVE-2017-1000364](https://ubuntu.com/security/CVE-2017-1000364), [USN-3335-2](https://ubuntu.com/security/notices/USN-3335-2), [USN-3331-1](https://ubuntu.com/security/notices/USN-3331-1).
- agent/references
- agent/severity
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- collector/usn
- source/Ubuntu
- anchor-related/USN-3335-2
- anchor-related/USN-3331-1
- anchor-related/USN-3330-1
- anchor-related/USN-3335-1
- anchor-related/USN-3326-1
- anchor-related/USN-3329-1
- anchor-related/USN-3328-1
- anchor-related/USN-3327-1
- anchor-related/USN-3334-1
- anchor-related/USN-3338-1
- anchor-related/USN-3332-1
- anchor-related/USN-3333-1
- anchor-related/USN-3325-1
- agent/software-canonical-lookup
- agent/title
- agent/tags
- agent/description
- agent/event
- agent/trending
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu ubuntu
- version/ubuntu ubuntu/17.04