Vulnerability Details : CVE-2017-1000371
The offset2lib patch as used by the Linux Kernel contains a vulnerability: if RLIMIT_STACK is set to RLIM_INFINITY and 1 Gigabyte of memory is allocated (the maximum under the 1/4 restriction), then the stack will be grown down to 0x80000000. Because the PIE binary is mapped above 0x80000000, the minimum distance between the end of the PIE binary's read-write segment and the start of the stack becomes small enough that an attacker can jump over the stack guard page. This affects Linux Kernel version 4.11.5. This is a different issue than CVE-2017-1000370 and CVE-2017-1000365. This issue appears to be limited to i386-based systems.
Products affected by CVE-2017-1000371
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Threat overview for CVE-2017-1000371
- Top open port discovered on systems with this issue: 49152
- IPs affected by CVE-2017-1000371: 2,102
- Threat actors abusing this issue? Yes
Exploit prediction scoring system (EPSS) score for CVE-2017-1000371
- EPSS score: 0.06% (probability of exploitation activity in the next 30 days)
- Percentile: ~25% (the proportion of vulnerabilities that are scored at or less)
CVSS scores for CVE-2017-1000371
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.2 | HIGH | AV:L/AC:L/Au:N/C:C/I:C/A:C | 3.9 | 10.0 | NIST | |
7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 1.8 | 5.9 | NIST | |
References for CVE-2017-1000371
- http://www.debian.org/security/2017/dsa-3981
  Debian -- Security Information -- DSA-3981-1 linux (Third Party Advisory)
- https://access.redhat.com/security/cve/CVE-2017-1000371
  CVE-2017-1000371 - Red Hat Customer Portal (Third Party Advisory; VDB Entry)
- https://www.exploit-db.com/exploits/42273/
  Linux Kernel - 'offset2lib' Stack Clash (Third Party Advisory; VDB Entry)
- https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
  (Third Party Advisory)
- https://www.exploit-db.com/exploits/42276/
  Linux Kernel (Debian 9/10 / Ubuntu 14.04.5/16.04.2/17.04 / Fedora 23/24/25) - 'ldso_dynamic Stack Clash' Local Privilege Escalation (Third Party Advisory; VDB Entry)
- http://www.securityfocus.com/bid/99131
  Linux Kernel CVE-2017-1000371 Local Security Bypass Vulnerability (Third Party Advisory; VDB Entry)