AVG-312

Package linux-lts
Status Vulnerable
Severity Medium
Type multiple issues
Affected 4.9.33-1
Fixed Unknown
Current 4.14.78-1 [testing]
4.14.77-1 [core]
Ticket Create
Created Mon Jun 19 21:52:18 2017
Issue Severity Remote Type Description
CVE-2017-1000379 Medium No Access restriction bypass
The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing...
CVE-2017-1000371 Medium No Access restriction bypass
The offset2lib patch as used by the Linux Kernel contains a vulnerability, if RLIMIT_STACK is set to RLIM_INFINITY and 1 Gigabyte of memory is allocated...
CVE-2017-1000370 Medium No Access restriction bypass
The offset2lib patch as used in the Linux Kernel contains a vulnerability that allows a PIE binary to be execve()'ed with 1GB of arguments or environmental...
CVE-2017-1000365 Medium No Insufficient validation
The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but does...
References
https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt