CVE-2017-1000379

Linux Kernel (Debian 7.7/8.5/9.0 / Ubuntu 14.04.2/16.04.2/17.04 / Fedora 22/25 / CentOS 7.3.1611) - 'ldso_hwcap_64 Stack Clash' Local Privilege Escalation

Severity Score

7.8

*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

*Multiple Sources

Exploited in Wild

*KEV

Decision

*SSVC

Descriptions

El Kernel de Linux ejecutándose en sistemas AMD64 a veces asignará el contenido de un ejecutable PIE, la región heap o el archivo ld.so donde la pila es asignada, permitiendo a los atacantes manipular más fácilmente la pila. Kernel de Linux versión 4.11.5, esta afectado.

The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing attackers to more easily manipulate the stack. It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux kernel when handling L2CAP configuration responses. A physically proximate attacker could use this to cause a denial of service (system crash). It was discovered that the Flash-Friendly File System (f2fs) implementation in the Linux kernel did not properly validate superblock metadata. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.

*Credits: N/A

CVSS Scores

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Attack Vector

Local

Attack Complexity

High

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

None

Integrity

Low

Availability

None

Attack Vector

Local

Attack Complexity

Low

Authentication

None

Confidentiality

Complete

Integrity

Complete

Availability

Complete

* Common Vulnerability Scoring System

SSVC

Decision:-

Exploitation

Automatable

Tech. Impact

* Organization's Worst-case Scenario

Timeline

2017-06-13 CVE Reserved
2017-06-19 CVE Published
2017-06-30 First Exploit
2024-08-05 CVE Updated
2025-03-30 EPSS Updated
---------- Exploited in Wild
---------- KEV Due Date

CWE

CAPEC

References (19)

URL	Tag	Source
http://www.securityfocus.com/bid/99284	Third Party Advisory
https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt	Third Party Advisory

URL	Date	SRC
https://packetstorm.news/files/id/143205	2017-06-30
https://www.exploit-db.com/exploits/42275	2024-08-05

URL	Date	SRC

URL	Date	SRC
https://access.redhat.com/errata/RHSA-2017:1482	2023-01-17
https://access.redhat.com/errata/RHSA-2017:1484	2023-01-17
https://access.redhat.com/errata/RHSA-2017:1485	2023-01-17
https://access.redhat.com/errata/RHSA-2017:1486	2023-01-17
https://access.redhat.com/errata/RHSA-2017:1487	2023-01-17
https://access.redhat.com/errata/RHSA-2017:1488	2023-01-17
https://access.redhat.com/errata/RHSA-2017:1489	2023-01-17
https://access.redhat.com/errata/RHSA-2017:1490	2023-01-17
https://access.redhat.com/errata/RHSA-2017:1491	2023-01-17
https://access.redhat.com/errata/RHSA-2017:1616	2023-01-17
https://access.redhat.com/errata/RHSA-2017:1647	2023-01-17
https://access.redhat.com/errata/RHSA-2017:1712	2023-01-17
https://access.redhat.com/errata/RHSA-2017:1842	2023-01-17
https://access.redhat.com/security/cve/CVE-2017-1000379	2017-08-01
https://bugzilla.redhat.com/show_bug.cgi?id=1462165	2017-08-01

Affected Vendors, Products, and Versions

Vendor		Product				Version		Other		Status
Vendor	Product	Version	Other	Status	<-- -->	Vendor	Product	Version	Other	Status
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 2.6.12 < 3.2.90 Search vendor "Linux" for product "Linux Kernel" and version " >= 2.6.12 < 3.2.90"		-		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.3 < 3.10.107 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.3 < 3.10.107"		-		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.11 < 3.16.45 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.11 < 3.16.45"		-		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.17 < 3.18.58 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.17 < 3.18.58"		-		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 3.19 < 4.1.42 Search vendor "Linux" for product "Linux Kernel" and version " >= 3.19 < 4.1.42"		-		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.2 < 4.4.74 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.2 < 4.4.74"		-		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.5 < 4.9.34 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.5 < 4.9.34"		-		Affected
Linux Search vendor "Linux"		Linux Kernel Search vendor "Linux" for product "Linux Kernel"				>= 4.10 < 4.11.7 Search vendor "Linux" for product "Linux Kernel" and version " >= 4.10 < 4.11.7"		-		Affected