ALT-PU-2017-1773-1
Package kernel-image-un-def updated to version 4.9.33-alt0.M80P.2 for branch p8 in task 184568.
Closed vulnerabilities
Published: 2017-06-18
BDU:2017-01479
Уязвимость в реализации механизма Stack Guard-Page ядра операционной системы Linux, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.4)
Vector: AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
Published: 2017-06-19
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2017-1000364
An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010).
Severity: HIGH (7.4)
Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
- DSA-3886
- DSA-3886
- 99130
- 99130
- 1038724
- 1038724
- RHSA-2017:1482
- RHSA-2017:1482
- RHSA-2017:1483
- RHSA-2017:1483
- RHSA-2017:1484
- RHSA-2017:1484
- RHSA-2017:1485
- RHSA-2017:1485
- RHSA-2017:1486
- RHSA-2017:1486
- RHSA-2017:1487
- RHSA-2017:1487
- RHSA-2017:1488
- RHSA-2017:1488
- RHSA-2017:1489
- RHSA-2017:1489
- RHSA-2017:1490
- RHSA-2017:1490
- RHSA-2017:1491
- RHSA-2017:1491
- RHSA-2017:1567
- RHSA-2017:1567
- RHSA-2017:1616
- RHSA-2017:1616
- RHSA-2017:1647
- RHSA-2017:1647
- RHSA-2017:1712
- RHSA-2017:1712
- https://access.redhat.com/security/cve/CVE-2017-1000364
- https://access.redhat.com/security/cve/CVE-2017-1000364
- https://kc.mcafee.com/corporate/index?page=content&id=SB10205
- https://kc.mcafee.com/corporate/index?page=content&id=SB10205
- https://kc.mcafee.com/corporate/index?page=content&id=SB10207
- https://kc.mcafee.com/corporate/index?page=content&id=SB10207
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03800en_us
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03800en_us
- 45625
- 45625
- https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
- https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
- https://www.suse.com/security/cve/CVE-2017-1000364/
- https://www.suse.com/security/cve/CVE-2017-1000364/
- https://www.suse.com/support/kb/doc/?id=7020973
- https://www.suse.com/support/kb/doc/?id=7020973