AVG-311

Package linux-zen
Status Fixed
Severity Medium
Type multiple issues
Affected 4.11.6-3
Fixed 4.14-1
Current 4.19.2.zen1-1 [testing]
4.19.1.zen2-2 [extra]
Ticket None
Created Mon Jun 19 21:51:28 2017
Issue Severity Remote Type Description
CVE-2017-1000379 Medium No Access restriction bypass
The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing...
CVE-2017-1000365 Medium No Insufficient validation
The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but does...
References
https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
Notes
Fixed in v4.12