{"api_version":"1","generated_at":"2026-04-23T05:14:22+00:00","cve":"CVE-2017-1000379","urls":{"html":"https://cve.report/CVE-2017-1000379","api":"https://cve.report/api/cve/CVE-2017-1000379.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2017-1000379","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2017-1000379"},"summary":{"title":"CVE-2017-1000379","description":"The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing attackers to more easily manipulate the stack. Linux Kernel version 4.11.5 is affected.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2017-06-19 16:29:00","updated_at":"2023-01-17 21:03:00"},"problem_types":["NVD-CWE-noinfo"],"metrics":[],"references":[{"url":"https://www.exploit-db.com/exploits/42275/","name":"42275","refsource":"EXPLOIT-DB","tags":[],"title":"Linux Kernel (Debian 7.7/8.5/9.0 / Ubuntu 14.04.2/16.04.2/17.04 / Fedora 22/25 / CentOS 7.3.1611) - 'ldso_hwcap_64 Stack Clash' Local Privilege Escalation - Linux_x86-64 local Exploit","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2017:1712","name":"RHSA-2017:1712","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2017:1487","name":"RHSA-2017:1487","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2017:1842","name":"RHSA-2017:1842","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2017:1485","name":"RHSA-2017:1485","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/99284","name":"99284","refsource":"BID","tags":[],"title":"Malformed Request","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://access.redhat.com/errata/RHSA-2017:1486","name":"RHSA-2017:1486","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2017:1647","name":"RHSA-2017:1647","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2017:1484","name":"RHSA-2017:1484","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2017:1482","name":"RHSA-2017:1482","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/security/cve/CVE-2017-1000379","name":"https://access.redhat.com/security/cve/CVE-2017-1000379","refsource":"CONFIRM","tags":["Third Party Advisory","VDB Entry"],"title":"CVE-2017-1000379 - Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2017:1488","name":"RHSA-2017:1488","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2017:1490","name":"RHSA-2017:1490","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2017:1489","name":"RHSA-2017:1489","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt","name":"https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt","refsource":"MISC","tags":["Third Party Advisory"],"title":"","mime":"text/plain","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2017:1491","name":"RHSA-2017:1491","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2017:1616","name":"RHSA-2017:1616","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2017-1000379","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2017-1000379","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2017","cve_id":"1000379","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2017","cve_id":"1000379","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"4.11.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2017","cve_id":"1000379","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"4.11.5","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2017-1000379","qid":"378246","title":"Virtuozzo Linux Security Update for kernel-tools-libs (VZLSA-2017:1484)"},{"cve":"CVE-2017-1000379","qid":"378323","title":"Virtuozzo Linux Security Update for kernel-headers (VZLSA-2017:1486)"},{"cve":"CVE-2017-1000379","qid":"671064","title":"EulerOS Security Update for kernel (EulerOS-SA-2019-2599)"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2017-1000379","REQUESTER":"qsa@qualys.com","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing attackers to more easily manipulate the stack. Linux Kernel version 4.11.5 is affected."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"RHSA-2017:1491","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2017:1491"},{"name":"RHSA-2017:1486","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2017:1486"},{"name":"RHSA-2017:1489","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2017:1489"},{"name":"RHSA-2017:1490","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2017:1490"},{"name":"https://access.redhat.com/security/cve/CVE-2017-1000379","refsource":"CONFIRM","url":"https://access.redhat.com/security/cve/CVE-2017-1000379"},{"name":"https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt","refsource":"MISC","url":"https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt"},{"name":"RHSA-2017:1482","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2017:1482"},{"name":"RHSA-2017:1647","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2017:1647"},{"name":"99284","refsource":"BID","url":"http://www.securityfocus.com/bid/99284"},{"name":"42275","refsource":"EXPLOIT-DB","url":"https://www.exploit-db.com/exploits/42275/"},{"name":"RHSA-2017:1616","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2017:1616"},{"name":"RHSA-2017:1712","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2017:1712"},{"name":"RHSA-2017:1487","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2017:1487"},{"name":"RHSA-2017:1484","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2017:1484"},{"name":"RHSA-2017:1842","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2017:1842"},{"name":"RHSA-2017:1485","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2017:1485"},{"name":"RHSA-2017:1488","refsource":"REDHAT","url":"https://access.redhat.com/errata/RHSA-2017:1488"}]}},"nvd":{"publishedDate":"2017-06-19 16:29:00","lastModifiedDate":"2023-01-17 21:03:00","problem_types":["NVD-CWE-noinfo"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH","baseScore":7.8,"baseSeverity":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE","baseScore":7.2},"severity":"HIGH","exploitabilityScore":3.9,"impactScore":10,"obtainAllPrivilege":true,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.3","versionEndExcluding":"3.10.107","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"2.6.12","versionEndExcluding":"3.2.90","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.11","versionEndExcluding":"3.16.45","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.17","versionEndExcluding":"3.18.58","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"3.19","versionEndExcluding":"4.1.42","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.2","versionEndExcluding":"4.4.74","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.5","versionEndExcluding":"4.9.34","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionStartIncluding":"4.10","versionEndExcluding":"4.11.7","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2017","CveId":"1000379","Ordinal":"106626","Title":"CVE-2017-1000379","CVE":"CVE-2017-1000379","Year":"2017"},"notes":[{"CveYear":"2017","CveId":"1000379","Ordinal":"1","NoteData":"The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing attackers to more easily manipulate the stack. Linux Kernel version 4.11.5 is affected.","Type":"Description","Title":null},{"CveYear":"2017","CveId":"1000379","Ordinal":"2","NoteData":"2017-06-19","Type":"Other","Title":"Published"},{"CveYear":"2017","CveId":"1000379","Ordinal":"3","NoteData":"2018-01-04","Type":"Other","Title":"Modified"}]}}}