8 matches found
K97457339: Linux kernel vulnerabilities CVE-2017-1000370 and CVE-2017-1000371
Security Advisory Description CVE-2017-1000370 The offset2lib patch as used in the Linux Kernel contains a vulnerability that allows a PIE binary to be execveed with 1GB of arguments or environmental strings then the stack occupies the address 0x80000000 and the PIE binary is mapped above...
Security update for the Linux Kernel (important)
The openSUSE Leap 42.2 kernel was updated to 4.4.74 to receive various security and bugfixes. This update fixes some long standing btrfs issues. The following security bugs were fixed: - CVE-2017-7518: A KVM debug exception in the syscall handling was fixed which might have been used for local...
Updated kernel-tmb packages fixes critical security vulnerabilities
This kernel-tmb update is based on upstream 4.4.74 and fixes at least the following security issues: The ipxitfioctl function in net/ipx/afipx.c in the Linux kernel through 4.11.1 mishandles reference counts, which allows local users to cause a denial of service use-after-free or possibly have...
CVE-2017-1000365
CVE-2017-1000365 affects the Linux kernel where size limits for arguments and environment strings passed via RLIMIT_STACK/RLIMIT_INFINITY do not properly account for the argument/environment pointers, enabling a local attacker to potentially execute arbitrary code. The issue is described as a lim...
CVE-2017-1000365
The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMITSTACK/RLIMINFINITY 1/4 of the size, but does not take the argument and environment pointers into account, which allows attackers to bypass this limitation. This affects Linux Kernel version...
CVE-2017-1000371
The offset2lib patch as used by the Linux Kernel contains a vulnerability, if RLIMITSTACK is set to RLIMINFINITY and 1 Gigabyte of memory is allocated the maximum under the 1/4 restriction then the stack will be grown down to 0x80000000, and as the PIE binary is mapped above 0x80000000 the minimu...
CVE-2017-1000371
The offset2lib patch as used by the Linux Kernel contains a vulnerability, if RLIMITSTACK is set to RLIMINFINITY and 1 Gigabyte of memory is allocated the maximum under the 1/4 restriction then the stack will be grown down to 0x80000000, and as the PIE binary is mapped above 0x80000000 the minimu...
CVE-2017-1000365
The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMITSTACK/RLIMINFINITY 1/4 of the size, but does not take the argument and environment pointers into account, which allows attackers to bypass this limitation. This affects Linux Kernel version...