CVE-2017-1000253
Vulnerability from cvelistv5
Published
2017-10-04 01:00
Modified
2024-09-10 03:55
Summary
Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security threat. With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down address allocation strategy, load_elf_binary() will attempt to map a PIE binary into an address range immediately below mm->mmap_base. Unfortunately, load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary which means that, while the first PT_LOAD segment is mapped below mm->mmap_base, the subsequent PT_LOAD segment(s) end up being mapped above mm->mmap_base into the are that is supposed to be the "gap" between the stack and the binary.
Impacted products
n/an/a
CISA Known exploited vulnerability
Data from the Known Exploited Vulnerabilities Catalog

Date added: 2024-09-09

Due date: 2024-09-30

Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Used in ransomware: Known

Notes: This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. For more information, please see: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a87938b2e246b81b4fb713edb371a9fa3c5c3c86; https://nvd.nist.gov/vuln/detail/CVE-2017-1000253

Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T22:00:39.693Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2017:2798",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2798"
          },
          {
            "name": "RHSA-2017:2795",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2795"
          },
          {
            "name": "1039434",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1039434"
          },
          {
            "name": "RHSA-2017:2801",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2801"
          },
          {
            "name": "RHSA-2017:2796",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2796"
          },
          {
            "name": "101010",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/101010"
          },
          {
            "name": "RHSA-2017:2799",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2799"
          },
          {
            "name": "RHSA-2017:2794",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2794"
          },
          {
            "name": "RHSA-2017:2793",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2793"
          },
          {
            "name": "RHSA-2017:2797",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2797"
          },
          {
            "name": "RHSA-2017:2802",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2802"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt"
          },
          {
            "name": "RHSA-2017:2800",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2800"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:o:centos:centos:6.0:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "centos",
            "vendor": "centos",
            "versions": [
              {
                "status": "affected",
                "version": "6.0"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:centos:centos:6.1:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "centos",
            "vendor": "centos",
            "versions": [
              {
                "status": "affected",
                "version": "6.1"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:centos:centos:6.2:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "centos",
            "vendor": "centos",
            "versions": [
              {
                "status": "affected",
                "version": "6.2"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:centos:centos:6.3:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "centos",
            "vendor": "centos",
            "versions": [
              {
                "status": "affected",
                "version": "6.3"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:centos:centos:6.4:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "centos",
            "vendor": "centos",
            "versions": [
              {
                "status": "affected",
                "version": "6.4"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:centos:centos:6.5:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "centos",
            "vendor": "centos",
            "versions": [
              {
                "status": "affected",
                "version": "6.5"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:centos:centos:6.6:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "centos",
            "vendor": "centos",
            "versions": [
              {
                "status": "affected",
                "version": "6.6"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:centos:centos:6.7:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "centos",
            "vendor": "centos",
            "versions": [
              {
                "status": "affected",
                "version": "6.7"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:centos:centos:6.8:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "centos",
            "vendor": "centos",
            "versions": [
              {
                "status": "affected",
                "version": "6.8"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:centos:centos:6.9:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "centos",
            "vendor": "centos",
            "versions": [
              {
                "status": "affected",
                "version": "6.9"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:centos:centos:7.1406:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "centos",
            "vendor": "centos",
            "versions": [
              {
                "status": "affected",
                "version": "7.1406"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:centos:centos:7.1503:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "centos",
            "vendor": "centos",
            "versions": [
              {
                "status": "affected",
                "version": "7.1503"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:centos:centos:7.1511:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "centos",
            "vendor": "centos",
            "versions": [
              {
                "status": "affected",
                "version": "7.1511"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:centos:centos:7.1611:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "centos",
            "vendor": "centos",
            "versions": [
              {
                "status": "affected",
                "version": "7.1611"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
              "cpe:2.3:o:redhat:enterprise_linux:6.1:*:*:*:*:*:*:*",
              "cpe:2.3:o:redhat:enterprise_linux:6.2:*:*:*:*:*:*:*",
              "cpe:2.3:o:redhat:enterprise_linux:6.3:*:*:*:*:*:*:*",
              "cpe:2.3:o:redhat:enterprise_linux:6.4:*:*:*:*:*:*:*",
              "cpe:2.3:o:redhat:enterprise_linux:6.5:*:*:*:*:*:*:*",
              "cpe:2.3:o:redhat:enterprise_linux:6.6:*:*:*:*:*:*:*",
              "cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*",
              "cpe:2.3:o:redhat:enterprise_linux:6.8:*:*:*:*:*:*:*",
              "cpe:2.3:o:redhat:enterprise_linux:6.9:*:*:*:*:*:*:*",
              "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
              "cpe:2.3:o:redhat:enterprise_linux:7.1:*:*:*:*:*:*:*",
              "cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*",
              "cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "enterprise_linux",
            "vendor": "redhat",
            "versions": [
              {
                "status": "affected",
                "version": "6.0"
              },
              {
                "status": "affected",
                "version": "6.1"
              },
              {
                "status": "affected",
                "version": "6.2"
              },
              {
                "status": "affected",
                "version": "6.3"
              },
              {
                "status": "affected",
                "version": "6.4"
              },
              {
                "status": "affected",
                "version": "6.5"
              },
              {
                "status": "affected",
                "version": "6.6"
              },
              {
                "status": "affected",
                "version": "6.7"
              },
              {
                "status": "affected",
                "version": "6.8"
              },
              {
                "status": "affected",
                "version": "6.9"
              },
              {
                "status": "affected",
                "version": "7.0"
              },
              {
                "status": "affected",
                "version": "7.1"
              },
              {
                "status": "affected",
                "version": "7.2"
              },
              {
                "status": "affected",
                "version": "7.3"
              }
            ]
          },
          {
            "cpes": [
              "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "linux_kernel",
            "vendor": "linux",
            "versions": [
              {
                "lessThan": "3.2.70",
                "status": "affected",
                "version": "2.6.25",
                "versionType": "custom"
              },
              {
                "lessThan": "3.4.109",
                "status": "affected",
                "version": "3.3",
                "versionType": "custom"
              },
              {
                "lessThan": "3.10.77",
                "status": "affected",
                "version": "3.5",
                "versionType": "custom"
              },
              {
                "lessThan": "3.12.43",
                "status": "affected",
                "version": "3.11",
                "versionType": "custom"
              },
              {
                "lessThan": "3.14.41",
                "status": "affected",
                "version": "3.13",
                "versionType": "custom"
              },
              {
                "lessThan": "3.16.35",
                "status": "affected",
                "version": "3.15",
                "versionType": "custom"
              },
              {
                "lessThan": "3.18.14",
                "status": "affected",
                "version": "3.17",
                "versionType": "custom"
              },
              {
                "lessThan": "3.19.7",
                "status": "affected",
                "version": "3.19",
                "versionType": "custom"
              },
              {
                "lessThan": "4.0.2",
                "status": "affected",
                "version": "1.0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2017-1000253",
                "options": [
                  {
                    "Exploitation": "active"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-06T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          },
          {
            "other": {
              "content": {
                "dateAdded": "2024-09-09",
                "reference": "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"
              },
              "type": "kev"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-119",
                "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-10T03:55:14.762Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "timeline": [
          {
            "lang": "en",
            "time": "2024-09-09T00:00:00+00:00",
            "value": "CVE-2017-1000253 added to CISA KEV"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "dateAssigned": "2017-09-25T00:00:00",
      "datePublic": "2017-10-03T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security threat. With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down address allocation strategy, load_elf_binary() will attempt to map a PIE binary into an address range immediately below mm-\u003emmap_base. Unfortunately, load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary which means that, while the first PT_LOAD segment is mapped below mm-\u003emmap_base, the subsequent PT_LOAD segment(s) end up being mapped above mm-\u003emmap_base into the are that is supposed to be the \"gap\" between the stack and the binary."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-12-08T10:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "RHSA-2017:2798",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2798"
        },
        {
          "name": "RHSA-2017:2795",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2795"
        },
        {
          "name": "1039434",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1039434"
        },
        {
          "name": "RHSA-2017:2801",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2801"
        },
        {
          "name": "RHSA-2017:2796",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2796"
        },
        {
          "name": "101010",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/101010"
        },
        {
          "name": "RHSA-2017:2799",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2799"
        },
        {
          "name": "RHSA-2017:2794",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2794"
        },
        {
          "name": "RHSA-2017:2793",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2793"
        },
        {
          "name": "RHSA-2017:2797",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2797"
        },
        {
          "name": "RHSA-2017:2802",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2802"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt"
        },
        {
          "name": "RHSA-2017:2800",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2800"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "DATE_ASSIGNED": "2017-09-25",
          "ID": "CVE-2017-1000253",
          "REQUESTER": "qsa@qualys.com",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security threat. With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down address allocation strategy, load_elf_binary() will attempt to map a PIE binary into an address range immediately below mm-\u003emmap_base. Unfortunately, load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary which means that, while the first PT_LOAD segment is mapped below mm-\u003emmap_base, the subsequent PT_LOAD segment(s) end up being mapped above mm-\u003emmap_base into the are that is supposed to be the \"gap\" between the stack and the binary."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2017:2798",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2798"
            },
            {
              "name": "RHSA-2017:2795",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2795"
            },
            {
              "name": "1039434",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1039434"
            },
            {
              "name": "RHSA-2017:2801",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2801"
            },
            {
              "name": "RHSA-2017:2796",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2796"
            },
            {
              "name": "101010",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/101010"
            },
            {
              "name": "RHSA-2017:2799",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2799"
            },
            {
              "name": "RHSA-2017:2794",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2794"
            },
            {
              "name": "RHSA-2017:2793",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2793"
            },
            {
              "name": "RHSA-2017:2797",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2797"
            },
            {
              "name": "RHSA-2017:2802",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2802"
            },
            {
              "name": "https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt",
              "refsource": "MISC",
              "url": "https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt"
            },
            {
              "name": "RHSA-2017:2800",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2800"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-1000253",
    "datePublished": "2017-10-04T01:00:00",
    "dateReserved": "2017-10-03T00:00:00",
    "dateUpdated": "2024-09-10T03:55:14.762Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "meta": {
    "cisa_known_exploited": {
      "cveID": "CVE-2017-1000253",
      "cwes": "[\"CWE-119\"]",
      "dateAdded": "2024-09-09",
      "dueDate": "2024-09-30",
      "knownRansomwareCampaignUse": "Known",
      "notes": "This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. For more information, please see: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a87938b2e246b81b4fb713edb371a9fa3c5c3c86; https://nvd.nist.gov/vuln/detail/CVE-2017-1000253",
      "product": "Kernel",
      "requiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.",
      "shortDescription": "Linux kernel contains a position-independent executable (PIE) stack buffer corruption vulnerability in load_elf_ binary() that allows a local attacker to escalate privileges. ",
      "vendorProject": "Linux",
      "vulnerabilityName": "Linux Kernel PIE Stack Buffer Corruption Vulnerability "
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2017-1000253\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2017-10-05T01:29:04.790\",\"lastModified\":\"2024-09-11T11:12:20.577\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"cisaExploitAdd\":\"2024-09-09\",\"cisaActionDue\":\"2024-09-30\",\"cisaRequiredAction\":\"Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.\",\"cisaVulnerabilityName\":\"Linux Kernel PIE Stack Buffer Corruption Vulnerability \",\"descriptions\":[{\"lang\":\"en\",\"value\":\"Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security threat. With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down address allocation strategy, load_elf_binary() will attempt to map a PIE binary into an address range immediately below mm-\u003emmap_base. Unfortunately, load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary which means that, while the first PT_LOAD segment is mapped below mm-\u003emmap_base, the subsequent PT_LOAD segment(s) end up being mapped above mm-\u003emmap_base into the are that is supposed to be the \\\"gap\\\" between the stack and the binary.\"},{\"lang\":\"es\",\"value\":\"Existe una vulnerabilidad en las distribuciones de Linux que no han parcheado sus kernels de largo mantenimiento con https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (confirmada el 14 de abril de 2015). Esta vulnerabilidad en los kernels se parche\u00f3 en abril de 2015 por el commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (aplicado a Linux 3.10.77 en mayo de 2015), pero no se reconoci\u00f3 como amenaza de seguridad. Con CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE habilitado y una estrategia vertical normal de asignaci\u00f3n de direcciones, load_elf_binary() intentar\u00e1 mapear un binario PIE en un rango de direcciones inmediatamente inferior a mm-\u003emmap_base. Por desgracia, load_elf_ binary() no tiene en cuenta la necesidad de asignar el suficiente espacio para todo el binario, lo que significa que, estando el primer segmento PT_LOAD est\u00e1 mapeado bajo mm-\u003emmap_base, los siguientes segmentos PT_LOAD acaban mapeados sobre mm-\u003emmap_base en el \u00e1rea que deber\u00eda ser el \\\"hueco\\\" entre la pila y el binario.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:L/AC:L/Au:N/C:C/I:C/A:C\",\"accessVector\":\"LOCAL\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\",\"baseScore\":7.2},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":3.9,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:centos:centos:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"ED1C5E1D-21F5-46FA-89F6-A9B7E4BC94EE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:centos:centos:6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"455E5124-9EC1-4C73-997B-212D9DDC5949\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:centos:centos:6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E3652270-3566-49BF-9235-EE041EF87E63\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:centos:centos:6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FAE1DFBF-E5FF-42B1-B58C-34C94A8AB65F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:centos:centos:6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"76CA16D1-B633-4E1A-A769-1587B4DFE09C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:centos:centos:6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D880E621-F60A-4EDB-B3A5-93411DDF0E36\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:centos:centos:6.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FDA91BDF-A89A-4EE1-AED9-9523B5C1DD7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:centos:centos:6.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"444146DF-7ACE-4D4A-AA39-CD17D4ADDD98\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:centos:centos:6.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"48FE5EA8-A978-464D-89E1-1AD187C92D2A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:centos:centos:6.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9420109A-E62E-40F9-9B82-EF9D5431680C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:centos:centos:7.1406:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"27A0A2BB-D332-428B-AE50-3A5EC0551C79\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:centos:centos:7.1503:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AE32F8A2-B456-40CF-A6C0-27B8B9096A83\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:centos:centos:7.1511:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25459148-714C-4322-847A-FFF4D9B37EBF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:centos:centos:7.1611:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3EB71F04-DF1E-48CE-BC2F-3A6A47C025BC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6D5A165C-3721-4A87-839F-BD4F6778DA77\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9A1F55A9-FAAF-4751-BA6A-93CDB31B11C6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9045284A-C762-4913-B5AF-8499235F969C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"905EC4D0-7604-476A-8176-9FFCEB1DC6B1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"564DCCFD-77BF-4FB1-A0A0-96104B154282\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"467A831E-C63B-476F-A71F-8FB52556BC45\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"84FF61DF-D634-4FB5-8DF1-01F631BE1A7A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"243980B8-4044-4776-B521-F9D709E68CCB\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:6.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"39A7795D-CFD3-4643-A7A1-7AD7629B5511\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"142AD0DD-4CF3-4D74-9442-459CE3347E3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"266EA1B3-526F-4D12-873E-08CE3861AEA6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E4DC974-235F-4655-966F-2490A4C4E490\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B99A2411-7F6A-457F-A7BF-EB13C630F902\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.6.25\",\"versionEndExcluding\":\"3.2.70\",\"matchCriteriaId\":\"64B31F8B-955E-437A-BD1C-8FDBC53CA2EA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.3\",\"versionEndExcluding\":\"3.4.109\",\"matchCriteriaId\":\"6548E1CE-CC24-4E01-A277-1424BE536777\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.5\",\"versionEndExcluding\":\"3.10.77\",\"matchCriteriaId\":\"F018224B-768E-407A-AEA6-5CEFAC65534C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.11\",\"versionEndExcluding\":\"3.12.43\",\"matchCriteriaId\":\"3677661A-9F24-4A1D-A66A-DF9330DF6DB9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.13\",\"versionEndExcluding\":\"3.14.41\",\"matchCriteriaId\":\"E439BE91-83E3-4795-9E2D-C174EE1B84F5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.15\",\"versionEndExcluding\":\"3.16.35\",\"matchCriteriaId\":\"7DC4BA70-B111-4D2E-BC78-6601CED68F08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.17\",\"versionEndExcluding\":\"3.18.14\",\"matchCriteriaId\":\"0BB16F9A-A3E5-4CAC-905D-F60426BBAD9D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"3.19\",\"versionEndExcluding\":\"3.19.7\",\"matchCriteriaId\":\"25099C5E-E14E-44D4-8482-0F87E1A22572\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4.0\",\"versionEndExcluding\":\"4.0.2\",\"matchCriteriaId\":\"AB190AE4-287F-40B5-AC62-0B1E50DBE00D\"}]}]}],\"references\":[{\"url\":\"http://www.securityfocus.com/bid/101010\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1039434\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2793\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2794\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2795\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2796\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2797\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2798\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2799\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2800\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2801\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2802\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"Third Party Advisory\"]}]}}"
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...
  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.