CVE-2017-1000364

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010).

References

http://www.debian.org/security/2017/dsa-3886

http://www.securityfocus.com/bid/99130

http://www.securitytracker.com/id/1038724

https://access.redhat.com/errata/RHSA-2017:1482

https://access.redhat.com/errata/RHSA-2017:1483

https://access.redhat.com/errata/RHSA-2017:1484

https://access.redhat.com/errata/RHSA-2017:1485

https://access.redhat.com/errata/RHSA-2017:1486

https://access.redhat.com/errata/RHSA-2017:1487

https://access.redhat.com/errata/RHSA-2017:1488

https://access.redhat.com/errata/RHSA-2017:1489

https://access.redhat.com/errata/RHSA-2017:1490

https://access.redhat.com/errata/RHSA-2017:1491

https://access.redhat.com/errata/RHSA-2017:1567

https://access.redhat.com/errata/RHSA-2017:1616

https://access.redhat.com/errata/RHSA-2017:1647

https://access.redhat.com/errata/RHSA-2017:1712

https://access.redhat.com/security/cve/CVE-2017-1000364

https://kc.mcafee.com/corporate/index?page=content&id=SB10205

https://kc.mcafee.com/corporate/index?page=content&id=SB10207

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03800en_us

https://www.exploit-db.com/exploits/45625/

https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt

https://www.suse.com/security/cve/CVE-2017-1000364/

https://www.suse.com/support/kb/doc/?id=7020973

Details

Source: MITRE

Published: 2017-06-19

Updated: 2018-10-18

Type: CWE-119

Risk Information

CVSS v2

Base Score: 6.2

Vector: AV:L/AC:H/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 1.9

Severity: MEDIUM

CVSS v3

Base Score: 7.4

Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 1.4

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:* versions up to 4.11.5 (inclusive)

Tenable Plugins

View all (101 total)

IDNameProductFamilySeverity
132248RancherOS < 1.0.3 Local Memory CorruptionNessusMisc.
high
127325NewStart CGSL MAIN 4.05 : kernel Multiple Vulnerabilities (NS-SA-2019-0099)NessusNewStart CGSL Local Security Checks
critical
125301EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1508)NessusHuawei Local Security Checks
high
124821EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1498)NessusHuawei Local Security Checks
high
121706Photon OS 1.0: Linux PHSA-2017-0022NessusPhotonOS Local Security Checks
high
121068Juniper Junos Space 18.4.x < 18.4R1 Multiple Vulnerabilities (JSA10917)NessusJunos Local Security Checks
high
111871Photon OS 1.0: Glibc / Linux PHSA-2017-0022 (deprecated)NessusPhotonOS Local Security Checks
high
106469OracleVM 3.4 : Unbreakable / etc (OVMSA-2018-0015) (BlueBorne) (Meltdown) (Spectre) (Stack Clash)NessusOracleVM Local Security Checks
critical
105469F5 Networks BIG-IP : Linux kernel vulnerability (K51931024) (Stack Clash)NessusF5 Networks Local Security Checks
high
105248OracleVM 3.4 : Unbreakable / etc (OVMSA-2017-0174) (BlueBorne) (Dirty COW) (Stack Clash)NessusOracleVM Local Security Checks
high
105247Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3659)NessusOracle Linux Local Security Checks
high
105145Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2017-3658)NessusOracle Linux Local Security Checks
high
104100Juniper Junos Space < 17.1R1 Multiple Vulnerabilities (JSA10826)NessusJunos Local Security Checks
high
103673FireEye Operating System Multiple Vulnerabilities (AX < 7.7.7 / EX < 8.0.1)NessusFirewalls
critical
102774OracleVM 3.4 : Unbreakable / etc (OVMSA-2017-0145) (Stack Clash)NessusOracleVM Local Security Checks
critical
102773Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3609)NessusOracle Linux Local Security Checks
critical
102511Oracle Linux 7 : kernel (ELSA-2017-1842-1) (Stack Clash)NessusOracle Linux Local Security Checks
critical
102496McAfee Web Gateway 7.6.x < 7.6.2.15 / 7.7.x < 7.7.2.3 Multiple Vulnerabilities (SB10205)NessusMisc.
critical
102242EulerOS 2.0 SP2 : kernel (EulerOS-SA-2017-1155)NessusHuawei Local Security Checks
high
102241EulerOS 2.0 SP1 : kernel (EulerOS-SA-2017-1154)NessusHuawei Local Security Checks
high
102064OracleVM 3.4 : Unbreakable / etc (OVMSA-2017-0126) (Stack Clash)NessusOracleVM Local Security Checks
critical
102059Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3595)NessusOracle Linux Local Security Checks
critical
101948SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1946-1) (Stack Clash)NessusSuSE Local Security Checks
high
101947SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1945-1) (Stack Clash)NessusSuSE Local Security Checks
high
101946SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1944-1) (Stack Clash)NessusSuSE Local Security Checks
high
101945SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1943-1) (Stack Clash)NessusSuSE Local Security Checks
high
101944SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1942-1) (Stack Clash)NessusSuSE Local Security Checks
high
101943SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1941-1) (Stack Clash)NessusSuSE Local Security Checks
high
101942SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1939-1) (Stack Clash)NessusSuSE Local Security Checks
high
101940SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1937-1) (Stack Clash)NessusSuSE Local Security Checks
high
101927SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1924-1) (Stack Clash)NessusSuSE Local Security Checks
high
101926SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1922-1) (Stack Clash)NessusSuSE Local Security Checks
high
101890SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1915-1) (Stack Clash)NessusSuSE Local Security Checks
high
101889SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1912-1) (Stack Clash)NessusSuSE Local Security Checks
high
101888SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1910-1) (Stack Clash)NessusSuSE Local Security Checks
high
101887SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1909-1) (Stack Clash)NessusSuSE Local Security Checks
high
101886SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1906-1) (Stack Clash)NessusSuSE Local Security Checks
high
101885SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1905-1) (Stack Clash)NessusSuSE Local Security Checks
high
101723Fedora 26 : kernel (2017-d3ed702fe4) (Stack Clash)NessusFedora Local Security Checks
high
101544Oracle Linux 6 : Unbreakable Enterprise kernel (ELSA-2017-3592) (Stack Clash) (deprecated)NessusOracle Linux Local Security Checks
medium
101484Virtuozzo 6 : kernel / kernel-abi-whitelists / kernel-debug / etc (VZLSA-2017-1486)NessusVirtuozzo Local Security Checks
high
101483Virtuozzo 7 : kernel / kernel-abi-whitelists / kernel-debug / etc (VZLSA-2017-1484)NessusVirtuozzo Local Security Checks
high
101207Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2017-061)NessusVirtuozzo Local Security Checks
high
101206Slackware 14.0 : Slackware 14.0 kernel (SSA:2017-184-01) (Stack Clash)NessusSlackware Local Security Checks
high
101149Ubuntu 12.04 LTS : linux regression (USN-3338-2) (Stack Clash)NessusUbuntu Local Security Checks
high
101144SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1735-1) (Stack Clash)NessusSuSE Local Security Checks
high
101140OracleVM 3.4 : Unbreakable / etc (OVMSA-2017-0115) (Stack Clash)NessusOracleVM Local Security Checks
high
101138Oracle Linux 7 : kernel (ELSA-2017-1615-1) (Stack Clash)NessusOracle Linux Local Security Checks
high
101134openSUSE Security Update : the Linux Kernel (openSUSE-2017-734) (Stack Clash)NessusSuSE Local Security Checks
high
101127openSUSE Security Update : the Linux Kernel (openSUSE-2017-716) (Stack Clash)NessusSuSE Local Security Checks
high
101115Slackware 14.1 : Slackware 14.1 kernel (SSA:2017-180-01) (Stack Clash)NessusSlackware Local Security Checks
high
101106SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2017:1707-1) (Stack Clash)NessusSuSE Local Security Checks
high
101103RHEL 6 : MRG (RHSA-2017:1647) (Stack Clash)NessusRed Hat Local Security Checks
critical
101102RHEL 7 : kernel-rt (RHSA-2017:1616) (Stack Clash)NessusRed Hat Local Security Checks
critical
101098Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2017-3587)NessusOracle Linux Local Security Checks
high
101082SUSE SLES11 Security Update : kernel (SUSE-SU-2017:1706-1) (Stack Clash)NessusSuSE Local Security Checks
high
101080SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1704-1) (Stack Clash)NessusSuSE Local Security Checks
high
101068Fedora 24 : kernel (2017-05f10e29f4) (Stack Clash)NessusFedora Local Security Checks
high
101061SUSE SLES11 Security Update : kernel-source (SUSE-SU-2017:1696-1) (Stack Clash)NessusSuSE Local Security Checks
high
101053Virtuozzo 7 : crit / criu / criu-devel / python-criu / vzkernel / etc (VZA-2017-056)NessusVirtuozzo Local Security Checks
high
101052Virtuozzo 6 : parallels-server-bm-release / vzkernel / etc (VZA-2017-055)NessusVirtuozzo Local Security Checks
high
101051Slackware 14.2 / current : kernel (SSA:2017-177-01) (Stack Clash)NessusSlackware Local Security Checks
high
101037Fedora 25 : kernel (2017-d7bc1b3056) (Stack Clash)NessusFedora Local Security Checks
high
100990Ubuntu 12.04 LTS : linux vulnerabilities (USN-3338-1)NessusUbuntu Local Security Checks
high
100987Ubuntu 12.04 LTS : linux-lts-trusty vulnerability (USN-3335-2)NessusUbuntu Local Security Checks
high
100979RHEL 5 : kernel (RHSA-2017:1482) (Stack Clash)NessusRed Hat Local Security Checks
high
100954SUSE SLES11 Security Update : kernel (SUSE-SU-2017:1628-1) (Stack Clash)NessusSuSE Local Security Checks
high
100938CentOS 6 : kernel (CESA-2017:1486) (Stack Clash)NessusCentOS Local Security Checks
high
100937CentOS 7 : kernel (CESA-2017:1484) (Stack Clash)NessusCentOS Local Security Checks
high
100933Ubuntu 14.04 LTS : linux, linux-meta vulnerabilities (USN-3335-1) (Stack Clash)NessusUbuntu Local Security Checks
high
100932Ubuntu 14.04 LTS : linux-lts-xenial, linux-meta-lts-xenial vulnerabilities (USN-3334-1) (Stack Clash)NessusUbuntu Local Security Checks
high
100931Ubuntu 16.04 LTS : linux-hwe, linux-meta-hwe vulnerabilities (USN-3333-1) (Stack Clash)NessusUbuntu Local Security Checks
high
100930Ubuntu 16.04 LTS : linux-meta-raspi2, linux-raspi2 vulnerabilities (USN-3332-1) (Stack Clash)NessusUbuntu Local Security Checks
high
100929Ubuntu 16.04 LTS : linux-aws, linux-meta-aws vulnerabilities (USN-3331-1) (Stack Clash)NessusUbuntu Local Security Checks
high
100928Ubuntu 16.04 LTS : linux-meta-snapdragon, linux-snapdragon vulnerabilities (USN-3330-1) (Stack Clash)NessusUbuntu Local Security Checks
high
100927Ubuntu 16.04 LTS : linux-gke, linux-meta-gke vulnerabilities (USN-3329-1) (Stack Clash)NessusUbuntu Local Security Checks
high
100926Ubuntu 16.04 LTS : linux, linux-meta vulnerabilities (USN-3328-1) (Stack Clash)NessusUbuntu Local Security Checks
high
100925Ubuntu 16.10 : linux-meta-raspi2, linux-raspi2 vulnerabilities (USN-3327-1) (Stack Clash)NessusUbuntu Local Security Checks
high
100924Ubuntu 16.10 : linux, linux-meta vulnerabilities (USN-3326-1) (Stack Clash)NessusUbuntu Local Security Checks
high
100923Ubuntu 17.04 : linux-meta-raspi2, linux-raspi2 vulnerabilities (USN-3325-1) (Stack Clash)NessusUbuntu Local Security Checks
high
100922Ubuntu 17.04 : linux, linux-meta vulnerabilities (USN-3324-1) (Stack Clash)NessusUbuntu Local Security Checks
high
100916SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1618-1) (Stack Clash)NessusSuSE Local Security Checks
high
100915SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2017:1617-1) (Stack Clash)NessusSuSE Local Security Checks
high
100914SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1615-1) (Stack Clash)NessusSuSE Local Security Checks
high
100912SUSE SLES11 Security Update : kernel (SUSE-SU-2017:1613-1) (Stack Clash)NessusSuSE Local Security Checks
high
100906Scientific Linux Security Update : kernel on SL7.x x86_64 (20170619) (Stack Clash)NessusScientific Linux Local Security Checks
high
100905Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20170619) (Stack Clash)NessusScientific Linux Local Security Checks
high
100901RHEL 6 : kernel (RHSA-2017:1491) (Stack Clash)NessusRed Hat Local Security Checks
high
100900RHEL 6 : kernel (RHSA-2017:1490) (Stack Clash)NessusRed Hat Local Security Checks
high
100899RHEL 6 : kernel (RHSA-2017:1489) (Stack Clash)NessusRed Hat Local Security Checks
high
100898RHEL 6 : kernel (RHSA-2017:1488) (Stack Clash)NessusRed Hat Local Security Checks
high
100897RHEL 6 : kernel (RHSA-2017:1487) (Stack Clash)NessusRed Hat Local Security Checks
high
100896RHEL 6 : kernel (RHSA-2017:1486) (Stack Clash)NessusRed Hat Local Security Checks
high
100895RHEL 7 : kernel (RHSA-2017:1485) (Stack Clash)NessusRed Hat Local Security Checks
high
100894RHEL 7 : kernel (RHSA-2017:1484) (Stack Clash)NessusRed Hat Local Security Checks
high
100893RHEL 5 : kernel (RHSA-2017:1483) (Stack Clash)NessusRed Hat Local Security Checks
medium
100889Oracle Linux 6 : kernel (ELSA-2017-1486)NessusOracle Linux Local Security Checks
high
100888Oracle Linux 7 : kernel (ELSA-2017-1484)NessusOracle Linux Local Security Checks
high
100877Debian DSA-3886-1 : linux - security update (Stack Clash)NessusDebian Local Security Checks
critical
100876Debian DLA-993-2 : linux regression update (Stack Clash)NessusDebian Local Security Checks
critical
100874Amazon Linux AMI : kernel (ALAS-2017-845) (Stack Clash)NessusAmazon Linux Local Security Checks
high