cbcvebase.
CVE-2017-1000364
published 2017-06-19

CVE-2017-1000364: An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be "jumped" over…

PriorityP346high7.4CVSS 3.0
AVLACHPRNUINSUCHIHAH
EXPLOIT
EPSS
5.19%
91.4th percentile
An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010).

Affected

6 ranges
VendorProductVersion rangeFixed in
debianlinux< linux 4.11.6-1 (bookworm)linux 4.11.6-1 (bookworm)
linuxlinux_kernel<= 4.11.5
linuxlinux_kernel>= 0 < 4.11.6-14.11.6-1
linuxlinux_kernel>= 0 < 4.11.6-14.11.6-1
linuxlinux_kernel>= 0 < 4.11.6-14.11.6-1
linuxlinux_kernel>= 0 < 4.11.6-14.11.6-1

CVSS provenance

nvdv3.07.4HIGHCVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.06.2MEDIUMAV:L/AC:H/Au:N/C:C/I:C/A:C
osv7.4HIGH
vendor_ubuntu7.8HIGH
vendor_debian7.4HIGH
vendor_redhat7.4HIGH
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.