Vulnerability Details : CVE-2017-1000376
libffi requests an executable stack allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. Please note that libffi is used by a number of other libraries. It was previously stated that this affects libffi version 3.2.1 but this appears to be incorrect. libffi prior to version 3.1 on 32 bit x86 systems was vulnerable, and upstream is believed to have fixed this issue in version 3.1.
Vulnerability category: Overflow
Threat overview for CVE-2017-1000376
Top countries where our scanners detected CVE-2017-1000376
Top open port discovered on systems with this issue
53
IPs affected by CVE-2017-1000376 751,571
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2017-1000376!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2017-1000376
Probability of exploitation activity in the next 30 days: 0.06%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 21 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2017-1000376
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
6.9
|
MEDIUM | AV:L/AC:M/Au:N/C:C/I:C/A:C |
3.4
|
10.0
|
NIST |
7.0
|
HIGH | CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.0
|
5.9
|
NIST |
7.0
|
HIGH | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.0
|
5.9
|
NIST |
CWE ids for CVE-2017-1000376
-
The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.Assigned by: nvd@nist.gov (Primary)
References for CVE-2017-1000376
-
https://www.oracle.com/security-alerts/cpujan2020.html
Oracle Critical Patch Update Advisory - January 2020Third Party Advisory
-
https://access.redhat.com/security/cve/CVE-2017-1000376
Red Hat Customer PortalThird Party Advisory
-
http://www.debian.org/security/2017/dsa-3889
Debian -- Security Information -- DSA-3889-1 libffiThird Party Advisory
-
https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
Mailing List;Third Party Advisory
Products affected by CVE-2017-1000376
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:openshift:2.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:enterprise_virtualization_server:-:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:peopletools:8.56:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:peopletools:8.57:*:*:*:*:*:*:*
- cpe:2.3:a:libffi_project:libffi:*:*:*:*:*:*:*:*