CVE-2017-1000371

Public on 2017-06-19
Modified on 2017-06-19
Description
A flaw was found in the Linux kernel's implementation of mapping ELF PIE binary loading to allow evasion of the stack-guard page protection mechanisms that intend to mitigate this behavior. This issue appears to be limited to i386 based systems.
Severity
Low severity
Low
CVSS v3 Base Score
2.9
See breakdown

Affected Packages

Platform Package Release Date Advisory Status
Amazon Linux 1 kernel 2017-06-19 ALAS-2017-845 Fixed

CVSS Scores

Score Type Score Vector
Amazon Linux CVSSv3 2.9 CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
NVD CVSSv2 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C
NVD CVSSv3 7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H