{"api_version":"1","generated_at":"2026-04-23T08:50:06+00:00","cve":"CVE-2017-1000364","urls":{"html":"https://cve.report/CVE-2017-1000364","api":"https://cve.report/api/cve/CVE-2017-1000364.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2017-1000364","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2017-1000364"},"summary":{"title":"CVE-2017-1000364","description":"An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be \"jumped\" over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010).","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2017-06-19 16:29:00","updated_at":"2018-10-18 10:29:00"},"problem_types":["CWE-119"],"metrics":[],"references":[{"url":"https://access.redhat.com/errata/RHSA-2017:1712","name":"RHSA-2017:1712","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.suse.com/security/cve/CVE-2017-1000364/","name":"https://www.suse.com/security/cve/CVE-2017-1000364/","refsource":"CONFIRM","tags":["Third Party Advisory"],"title":"CVE-2017-1000364 | SUSE","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2017:1487","name":"RHSA-2017:1487","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10205","name":"https://kc.mcafee.com/corporate/index?page=content&id=SB10205","refsource":"CONFIRM","tags":[],"title":"McAfee Corporate KB - McAfee Security Bulletin - Web Gateway update fixes vulnerabilities CVE-2012-6706, CVE-2017-1000364, CVE-2017-1000366, and CVE-2017-1000368 SB10205","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2017:1485","name":"RHSA-2017:1485","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.suse.com/support/kb/doc/?id=7020973","name":"https://www.suse.com/support/kb/doc/?id=7020973","refsource":"CONFIRM","tags":["Third Party Advisory"],"title":"SUSE products and a new security bug class referred to as \"Stack Clash\". | Support | SUSE","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03800en_us","name":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03800en_us","refsource":"CONFIRM","tags":[],"title":"Document Display | HPE Support Center","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2017:1486","name":"RHSA-2017:1486","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/security/cve/CVE-2017-1000364","name":"https://access.redhat.com/security/cve/CVE-2017-1000364","refsource":"CONFIRM","tags":["Third Party Advisory","VDB Entry"],"title":"CVE-2017-1000364 - Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2017:1647","name":"RHSA-2017:1647","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2017:1484","name":"RHSA-2017:1484","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.debian.org/security/2017/dsa-3886","name":"DSA-3886","refsource":"DEBIAN","tags":[],"title":"Debian -- Security Information -- DSA-3886-1 linux","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2017:1482","name":"RHSA-2017:1482","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2017:1488","name":"RHSA-2017:1488","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/99130","name":"99130","refsource":"BID","tags":["Issue Tracking","VDB Entry"],"title":"Linux Kernel CVE-2017-1000364 Local Memory Corruption Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2017:1567","name":"RHSA-2017:1567","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2017:1490","name":"RHSA-2017:1490","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2017:1483","name":"RHSA-2017:1483","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2017:1489","name":"RHSA-2017:1489","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10207","name":"https://kc.mcafee.com/corporate/index?page=content&id=SB10207","refsource":"CONFIRM","tags":[],"title":"McAfee Security Bulletin - Threat Intelligence Exchange Server 2.1.0 Hotfix 1 update fixes Kernel related vulnerability and possible cross-site scripting attack (CVE-2017-1000364 and CVE-2017-3907)","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.exploit-db.com/exploits/45625/","name":"45625","refsource":"EXPLOIT-DB","tags":[],"title":"Solaris - RSH Stack Clash Privilege Escalation (Metasploit) - Solaris local Exploit","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt","name":"https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt","refsource":"MISC","tags":["Third Party Advisory"],"title":"","mime":"text/plain","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2017:1491","name":"RHSA-2017:1491","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2017:1616","name":"RHSA-2017:1616","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securitytracker.com/id/1038724","name":"1038724","refsource":"SECTRACK","tags":[],"title":"Linux Kernel Small Stack Guard Page Lets Local Users Gain Elevated Privileges - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2017-1000364","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-1000364","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2017","cve_id":"1000364","vulnerable":"1","versionEndIncluding":"4.11.5","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2017-1000364","qid":"378246","title":"Virtuozzo Linux Security Update for kernel-tools-libs (VZLSA-2017:1484)"},{"cve":"CVE-2017-1000364","qid":"378323","title":"Virtuozzo Linux Security Update for kernel-headers (VZLSA-2017:1486)"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2017-1000364","REQUESTER":"qsa@qualys.com","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be \"jumped\" over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010)."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"RHSA-2017:1491","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2017:1491"},{"name":"https://access.redhat.com/security/cve/CVE-2017-1000364","refsource":"CONFIRM","url":"https://access.redhat.com/security/cve/CVE-2017-1000364"},{"name":"RHSA-2017:1486","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2017:1486"},{"name":"RHSA-2017:1489","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2017:1489"},{"name":"RHSA-2017:1490","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2017:1490"},{"name":"https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt","refsource":"MISC","url":"https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt"},{"name":"45625","refsource":"EXPLOIT-DB","url":"https://www.exploit-db.com/exploits/45625/"},{"name":"RHSA-2017:1482","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2017:1482"},{"name":"RHSA-2017:1647","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2017:1647"},{"name":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03800en_us","refsource":"CONFIRM","url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03800en_us"},{"name":"RHSA-2017:1616","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2017:1616"},{"name":"RHSA-2017:1712","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2017:1712"},{"name":"RHSA-2017:1483","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2017:1483"},{"name":"RHSA-2017:1487","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2017:1487"},{"name":"99130","refsource":"BID","url":"http://www.securityfocus.com/bid/99130"},{"name":"https://www.suse.com/support/kb/doc/?id=7020973","refsource":"CONFIRM","url":"https://www.suse.com/support/kb/doc/?id=7020973"},{"name":"RHSA-2017:1567","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2017:1567"},{"name":"RHSA-2017:1484","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2017:1484"},{"name":"https://www.suse.com/security/cve/CVE-2017-1000364/","refsource":"CONFIRM","url":"https://www.suse.com/security/cve/CVE-2017-1000364/"},{"name":"DSA-3886","refsource":"DEBIAN","url":"http://www.debian.org/security/2017/dsa-3886"},{"name":"1038724","refsource":"SECTRACK","url":"http://www.securitytracker.com/id/1038724"},{"name":"https://kc.mcafee.com/corporate/index?page=content&id=SB10205","refsource":"CONFIRM","url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10205"},{"name":"RHSA-2017:1485","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2017:1485"},{"name":"RHSA-2017:1488","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2017:1488"},{"name":"https://kc.mcafee.com/corporate/index?page=content&id=SB10207","refsource":"CONFIRM","url":"https://kc.mcafee.com/corporate/index?page=content&id=SB10207"}]}},"nvd":{"publishedDate":"2017-06-19 16:29:00","lastModifiedDate":"2018-10-18 10:29:00","problem_types":["CWE-119"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"HIGH","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.4,"baseSeverity":"HIGH"},"exploitabilityScore":1.4,"impactScore":5.9},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:H/Au:N/C:C/I:C/A:C","accessVector":"LOCAL","accessComplexity":"HIGH","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE","baseScore":6.2},"severity":"MEDIUM","exploitabilityScore":1.9,"impactScore":10,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndIncluding":"4.11.5","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2017","CveId":"1000364","Ordinal":"106784","Title":"CVE-2017-1000364","CVE":"CVE-2017-1000364","Year":"2017"},"notes":[{"CveYear":"2017","CveId":"1000364","Ordinal":"1","NoteData":"An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be \"jumped\" over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010).","Type":"Description","Title":null},{"CveYear":"2017","CveId":"1000364","Ordinal":"2","NoteData":"2017-06-19","Type":"Other","Title":"Published"},{"CveYear":"2017","CveId":"1000364","Ordinal":"3","NoteData":"2018-10-18","Type":"Other","Title":"Modified"}]}}}