PT-2015-3328 · Linux+4 · Linux Kernel+4

Published

2015-04-14

Updated

2025-09-29

CVE-2017-1000253

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux Kernel versions prior to 3.10.77

Description The issue is related to the function load elf binary() in the Linux kernel, which incorrectly allocates address space for PIE binaries when CONFIG ARCH BINFMT ELF RANDOMIZE PIE is enabled and a normal top-down address allocation strategy is used. This can lead to a stack buffer corruption vulnerability, potentially allowing a local attacker to execute arbitrary code. The vulnerability was fixed in April 2015 but was not recognized as a security threat at the time.

Recommendations For Linux Kernel versions prior to 3.10.77, update to version 3.10.77 or later to resolve the issue. As a temporary workaround, consider disabling the CONFIG ARCH BINFMT ELF RANDOMIZE PIE configuration option to minimize the risk of exploitation. Restrict access to the load elf binary() function to prevent potential attacks.

Exploit

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

ALSA-2025_16880

ALT-PU-2015-1427

ALT-PU-2015-1428

BDU:2017-02405

CESA-2017_1842

CESA-2017_2795

CVE-2017-1000253

ELSA-2017-2795

ELSA-2017-3626

RHSA-2017:1842

RHSA-2017:2793

RHSA-2017:2794

RHSA-2017:2795

RHSA-2017:2796

RHSA-2017:2797

RHSA-2017:2798

RHSA-2017:2799

RHSA-2017:2800

RHSA-2017:2801

RHSA-2017:2802

RHSA-2017_1842

RHSA-2017_2795

RHSA-2017_2801

SUSE-SU-2017:2723-1

SUSE-SU-2017:2725-1

SUSE-SU-2017:3165-1

SUSE-SU-2017_2723-1

SUSE-SU-2017_2725-1

SUSE-SU-2025:0152-1

Affected Products

Alt Linux

Centos

Linux Kernel

Red Hat

Suse

PT-2015-3328 · Linux+4 · Linux Kernel+4

CVE-2017-1000253

Weakness Enumeration

Related Identifiers

Affected Products

References · 98