AVG-311 log

Package	linux-zen
Status	Fixed
Severity	Medium
Type	multiple issues
Affected	4.11.6-3
Fixed	4.14-1
Current	6.8.7.zen1-2 [extra-testing] 6.8.7.zen1-1 [extra]
Ticket	None
Created	Mon Jun 19 21:51:28 2017

Issue	Severity	Remote	Type	Description
CVE-2017-1000379	Medium	No	Access restriction bypass	The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing...
CVE-2017-1000365	Medium	No	Insufficient validation	The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but does...

Issue

Severity

Remote

Type

Description

CVE-2017-1000379

Medium

Access restriction bypass

The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing...

CVE-2017-1000365

Medium

Insufficient validation

The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but does...

References
https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt

Notes
Fixed in v4.12