Home > Vulnerability Database > CVE-2017-1000364

Mend.io Vulnerability Database

CVE-2017-1000364

Date: June 19, 2017

An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010).

Language: C

Severity Score

7.4

Related Resources (29)

Url: https://www.suse.com/security/cve/CVE-2017-1000364/

Url: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt

Url: https://access.redhat.com/errata/RHSA-2017:1482

Url: https://access.redhat.com/errata/RHSA-2017:1484

Url: https://access.redhat.com/errata/RHSA-2017:1483

Url: https://access.redhat.com/errata/RHSA-2017:1486

Url: https://access.redhat.com/errata/RHSA-2017:1485

Url: https://access.redhat.com/errata/RHSA-2017:1488

Url: https://access.redhat.com/errata/RHSA-2017:1487

Url: https://www.exploit-db.com/exploits/45625/

Url: https://access.redhat.com/errata/RHSA-2017:1712

Url: http://www.securityfocus.com/bid/99130

Url: http://www.debian.org/security/2017/dsa-3886

Url: https://access.redhat.com/errata/RHSA-2017:1616

Url: https://access.redhat.com/errata/RHSA-2017:1491

Url: https://access.redhat.com/errata/RHSA-2017:1490

Url: https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03800en_us

Url: https://nvd.nist.gov/vuln/detail/CVE-2017-1000364

Url: https://access.redhat.com/errata/RHSA-2017:1567

Url: https://access.redhat.com/errata/RHSA-2017:1489

Url: http://www.securitytracker.com/id/1038724

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2017-1000364

Url: https://access.redhat.com/errata/RHSA-2017:1647

Url: https://www.suse.com/support/kb/doc/?id=7020973

Url: https://kc.mcafee.com/corporate/index?page=content&id=SB10207

Url: https://kc.mcafee.com/corporate/index?page=content&id=SB10205

Url: https://access.redhat.com/security/cve/CVE-2017-1000364

Url: https://security-tracker.debian.org/tracker/CVE-2017-1000364

Url: https://www.mend.io/vulnerability-database/CVE-2017-1000364

Severity Score

7.4

Weakness Type (CWE)

Improper Restriction of Operations within the Bounds of a Memory Buffer

CWE-119

CVSS v3.1

Base Score:	7.4
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	HIGH

CVSS v2

Base Score:	6.2
Access Vector (AV):	LOCAL
Access Complexity (AC):	HIGH
Authentication (AU):	NONE
Confidentiality (C):	COMPLETE
Integrity (I):	COMPLETE
Availability (A):	COMPLETE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2017-1000364

Date: June 19, 2017

Language: C

Severity Score

Related Resources (29)

Severity Score

Weakness Type (CWE)

CVSS v3.1

CVSS v2

Do you need more information?