CVE - CVE-2017-1000364

CVE-ID
CVE-2017-1000364	Learn more at National Vulnerability Database (NVD) • Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings
Description
An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010).
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt CONFIRM:https://access.redhat.com/security/cve/CVE-2017-1000364 CONFIRM:https://www.suse.com/security/cve/CVE-2017-1000364/ CONFIRM:https://www.suse.com/support/kb/doc/?id=7020973 CONFIRM:https://kc.mcafee.com/corporate/index?page=content&id=SB10205 DEBIAN:DSA-3886 URL:http://www.debian.org/security/2017/dsa-3886 REDHAT:RHSA-2017:1482 URL:https://access.redhat.com/errata/RHSA-2017:1482 REDHAT:RHSA-2017:1483 URL:https://access.redhat.com/errata/RHSA-2017:1483 REDHAT:RHSA-2017:1484 URL:https://access.redhat.com/errata/RHSA-2017:1484 REDHAT:RHSA-2017:1485 URL:https://access.redhat.com/errata/RHSA-2017:1485 REDHAT:RHSA-2017:1486 URL:https://access.redhat.com/errata/RHSA-2017:1486 REDHAT:RHSA-2017:1487 URL:https://access.redhat.com/errata/RHSA-2017:1487 REDHAT:RHSA-2017:1488 URL:https://access.redhat.com/errata/RHSA-2017:1488 REDHAT:RHSA-2017:1489 URL:https://access.redhat.com/errata/RHSA-2017:1489 REDHAT:RHSA-2017:1490 URL:https://access.redhat.com/errata/RHSA-2017:1490 REDHAT:RHSA-2017:1491 URL:https://access.redhat.com/errata/RHSA-2017:1491 REDHAT:RHSA-2017:1567 URL:https://access.redhat.com/errata/RHSA-2017:1567 REDHAT:RHSA-2017:1616 URL:https://access.redhat.com/errata/RHSA-2017:1616 REDHAT:RHSA-2017:1647 URL:https://access.redhat.com/errata/RHSA-2017:1647 REDHAT:RHSA-2017:1712 URL:https://access.redhat.com/errata/RHSA-2017:1712 BID:99130 URL:http://www.securityfocus.com/bid/99130 SECTRACK:1038724 URL:http://www.securitytracker.com/id/1038724
Assigning CNA
Distributed Weakness Filing Project
Date Entry Created
20170619	Disclaimer: The entry creation date may reflect when the CVE-ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20170619)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an entry on the CVE list, which standardizes names for security problems.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: cve@mitre.org