CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
28.1%
The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing attackers to more easily manipulate the stack. Linux Kernel version 4.11.5 is affected.
www.securityfocus.com/bid/99284
access.redhat.com/errata/RHSA-2017:1482
access.redhat.com/errata/RHSA-2017:1484
access.redhat.com/errata/RHSA-2017:1485
access.redhat.com/errata/RHSA-2017:1486
access.redhat.com/errata/RHSA-2017:1487
access.redhat.com/errata/RHSA-2017:1488
access.redhat.com/errata/RHSA-2017:1489
access.redhat.com/errata/RHSA-2017:1490
access.redhat.com/errata/RHSA-2017:1491
access.redhat.com/errata/RHSA-2017:1616
access.redhat.com/errata/RHSA-2017:1647
access.redhat.com/errata/RHSA-2017:1712
access.redhat.com/errata/RHSA-2017:1842
access.redhat.com/security/cve/CVE-2017-1000379
www.exploit-db.com/exploits/42275/
www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
28.1%