PT-2017-2409 · Linux+3 · Linux Kernel+3

Publicado

2017-06-18

Atualizado

2023-01-17

CVE-2017-1000379

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux Kernel version 4.11.5

Description The issue is related to insufficient access control in the Linux kernel, which can be exploited by a local attacker to manipulate stack data. On AMD64 systems, the Linux Kernel may map the contents of PIE executable, the heap, or ld.so to the stack's location, making it easier for attackers to manipulate the stack.

Recommendations For Linux Kernel version 4.11.5, update to a newer version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-264

Identificadores relacionados

ALT-PU-2017-1781

ALT-PU-2017-1854

BDU:2017-01612

CESA-2017_1484

CESA-2017_1486

CESA-2017_1842

CVE-2017-1000379

RHSA-2017:1482

RHSA-2017:1484

RHSA-2017:1485

RHSA-2017:1486

RHSA-2017:1487

RHSA-2017:1488

RHSA-2017:1489

RHSA-2017:1490

RHSA-2017:1491

RHSA-2017:1616

RHSA-2017:1647

RHSA-2017:1842

RHSA-2017_1482

RHSA-2017_1484

RHSA-2017_1486

RHSA-2017_1616

RHSA-2017_1842

Produtos afetados

Alt Linux

Centos

Linux Kernel

Red Hat

PT-2017-2409 · Linux+3 · Linux Kernel+3

CVE-2017-1000379

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 31