AVG-320 log

Package	linux-hardened
Status	Not affected
Severity	Medium
Type	access restriction bypass
Affected	4.11.6.b-1
Fixed	Not affected
Current	6.8.7.hardened1-2 [extra]
Ticket	None
Created	Thu Jun 22 14:23:30 2017

Issue	Severity	Remote	Type	Description
CVE-2017-1000379	Medium	No	Access restriction bypass	The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing...
CVE-2017-1000371	Medium	No	Access restriction bypass	The offset2lib patch as used by the Linux Kernel contains a vulnerability, if RLIMIT_STACK is set to RLIM_INFINITY and 1 Gigabyte of memory is allocated...
CVE-2017-1000370	Medium	No	Access restriction bypass	The offset2lib patch as used in the Linux Kernel contains a vulnerability that allows a PIE binary to be execve()'ed with 1GB of arguments or environmental...

Issue

Severity

Remote

Type

Description

CVE-2017-1000379

Medium

Access restriction bypass

The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing...

CVE-2017-1000371

Medium

Access restriction bypass

The offset2lib patch as used by the Linux Kernel contains a vulnerability, if RLIMIT_STACK is set to RLIM_INFINITY and 1 Gigabyte of memory is allocated...

CVE-2017-1000370

Medium

Access restriction bypass

The offset2lib patch as used in the Linux Kernel contains a vulnerability that allows a PIE binary to be execve()'ed with 1GB of arguments or environmental...

Notes
don't impact linux-hardened since it maps the executable low in the address space