AVG-312

Package linux-lts
Status Fixed
Severity Medium
Type access restriction bypass
Affected 4.9.38-1
Fixed 4.9.39-1
Current 4.19.56-1 [testing]
4.19.55-2 [core]
Ticket None
Created Mon Jun 19 21:52:18 2017
Issue Severity Remote Type Description
CVE-2017-1000371 Medium No Access restriction bypass
The offset2lib patch as used by the Linux Kernel contains a vulnerability, if RLIMIT_STACK is set to RLIM_INFINITY and 1 Gigabyte of memory is allocated...
CVE-2017-1000370 Medium No Access restriction bypass
The offset2lib patch as used in the Linux Kernel contains a vulnerability that allows a PIE binary to be execve()'ed with 1GB of arguments or environmental...
References
https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt