Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2017-1000253

Опубликовано: 05 окт. 2017
Источник: ubuntu
Приоритет: high
CVSS2: 7.2
CVSS3: 7.8

Описание

Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security threat. With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down address allocation strategy, load_elf_binary() will attempt to map a PIE binary into an address range immediately below mm->mmap_base. Unfortunately, load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary which means that, while the first PT_LOAD segment is mapped below mm->mmap_base, the subsequent PT_LOAD segment(s) end up being mapped above mm->mmap_base into the are that is supposed to be the "gap" between the stack and the binary.

РелизСтатусПримечание
artful

not-affected

4.10.0-19.21
bionic

not-affected

4.13.0-16.19
devel

not-affected

4.15.0-20.21
esm-infra-legacy/trusty

released

3.13.0-57.95
esm-infra/bionic

not-affected

4.13.0-16.19
esm-infra/xenial

not-affected

4.2.0-16.19
precise/esm

not-affected

3.2.0-91.129
trusty

released

3.13.0-57.95
trusty/esm

released

3.13.0-57.95
upstream

released

4.1~rc1

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.1~rc1
vivid/ubuntu-core

DNE

xenial

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

not-affected

4.15.0-1001.1
devel

not-affected

4.15.0-1007.7
esm-infra-legacy/trusty

not-affected

4.4.0-1002.2
esm-infra/bionic

not-affected

4.15.0-1001.1
esm-infra/xenial

not-affected

4.4.0-1001.10
precise/esm

DNE

trusty

not-affected

4.4.0-1002.2
trusty/esm

not-affected

4.4.0-1002.2
upstream

released

4.1~rc1

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

not-affected

4.15.0-1002.2
devel

not-affected

4.15.0-1009.9
esm-infra-legacy/trusty

not-affected

4.15.0-1023.24~14.04.1
esm-infra/bionic

not-affected

4.15.0-1002.2
esm-infra/xenial

not-affected

4.11.0-1009.9
precise/esm

DNE

trusty

not-affected

4.15.0-1023.24~14.04.1
trusty/esm

not-affected

4.15.0-1023.24~14.04.1
upstream

released

4.1~rc1

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

devel

DNE

esm-apps/xenial

DNE

esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.1~rc1
vivid/ubuntu-core

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

devel

DNE

esm-apps/xenial

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

4.1~rc1
vivid/ubuntu-core

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

not-affected

4.15.0-1001.1
devel

not-affected

4.15.0-1006.6
esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

4.15.0-1001.1
esm-infra/xenial

not-affected

4.10.0-1004.4
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.1~rc1

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.1~rc1
vivid/ubuntu-core

DNE

xenial

not-affected

4.4.0-1003.3

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

devel

DNE

esm-apps/xenial

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

4.1~rc1
vivid/ubuntu-core

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

4.1~rc1
vivid/ubuntu-core

DNE

xenial

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

not-affected

devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

esm-infra/xenial

not-affected

4.8.0-36.36~16.04.1
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.1~rc1

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

released

4.18.0-8.9~18.04.1
devel

DNE

esm-infra-legacy/trusty

DNE

esm-infra/bionic

released

4.18.0-8.9~18.04.1
esm-infra/xenial

not-affected

4.8.0-36.36~16.04.1
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.1~rc1

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

not-affected

4.15.0-1002.2
devel

not-affected

4.15.0-1008.8
esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

4.15.0-1002.2
esm-infra/xenial

not-affected

4.4.0-1004.9
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.1~rc1

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.1~rc1
vivid/ubuntu-core

DNE

xenial

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.1~rc1
vivid/ubuntu-core

DNE

xenial

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.1~rc1
vivid/ubuntu-core

DNE

xenial

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

precise/esm

ignored

end of life
trusty

DNE

trusty/esm

DNE

upstream

released

4.1~rc1
vivid/ubuntu-core

DNE

xenial

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

precise/esm

ignored

end of life
trusty

DNE

trusty/esm

DNE

upstream

released

4.1~rc1
vivid/ubuntu-core

DNE

xenial

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

precise/esm

ignored

end of life
trusty

DNE

trusty/esm

DNE

upstream

released

4.1~rc1
vivid/ubuntu-core

DNE

xenial

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

precise/esm

not-affected

3.13.0-57.95~precise1
trusty

DNE

trusty/esm

DNE

upstream

released

4.1~rc1
vivid/ubuntu-core

DNE

xenial

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [end of standard support]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [end of standard support]
upstream

released

4.1~rc1
vivid/ubuntu-core

DNE

xenial

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was ignored [end of life, was needs-triage]
precise/esm

DNE

trusty

ignored

end of standard support, was needs-triage
trusty/esm

ignored

end of life, was needs-triage
upstream

released

4.1~rc1
vivid/ubuntu-core

DNE

xenial

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [end of standard support]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [end of standard support]
upstream

released

4.1~rc1
vivid/ubuntu-core

DNE

xenial

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

devel

DNE

esm-infra-legacy/trusty

not-affected

4.4.0-13.29~14.04.1
precise/esm

DNE

trusty

not-affected

4.4.0-13.29~14.04.1
trusty/esm

not-affected

4.4.0-13.29~14.04.1
upstream

released

4.1~rc1
vivid/ubuntu-core

DNE

xenial

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

4.1~rc1
vivid/ubuntu-core

DNE

xenial

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

devel

DNE

esm-apps/xenial

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

4.1~rc1
vivid/ubuntu-core

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was ignored [abandoned]
upstream

released

4.1~rc1
vivid/ubuntu-core

DNE

xenial

DNE

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

not-affected

4.15.0-1002.3
devel

not-affected

4.15.0-1004.5
esm-infra-legacy/trusty

DNE

esm-infra/bionic

not-affected

4.15.0-1002.3
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.1~rc1
xenial

not-affected

4.13.0-1008.9

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.1~rc1
vivid/ubuntu-core

DNE

xenial

DNE

Показывать по

РелизСтатусПримечание
artful

not-affected

4.10.0-1004.6
bionic

not-affected

4.13.0-1005.5
devel

not-affected

4.15.0-1010.11
esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.1~rc1
vivid/ubuntu-core

ignored

end of life
xenial

not-affected

4.2.0-1013.19

Показывать по

РелизСтатусПримечание
artful

not-affected

4.4.0-1050.54
bionic

not-affected

devel

DNE

esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.1~rc1
vivid/ubuntu-core

DNE

xenial

not-affected

4.4.0-1012.12

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

devel

DNE

esm-infra-legacy/trusty

DNE

precise/esm

DNE

trusty

DNE

trusty/esm

DNE

upstream

released

4.1~rc1
vivid/ubuntu-core

DNE

xenial

DNE

Показывать по

Ссылки на источники

7.2 High

CVSS2

7.8 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2017-1000253

CVSS3: 7.8
redhat
около 8 лет назад

Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security threat. With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down address allocation strategy, load_elf_binary() will attempt to map a PIE binary into an address range immediately below mm->mmap_base. Unfortunately, load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary which means that, while the first PT_LOAD segment is mapped below mm->mmap_base, the subsequent PT_LOAD segment(s) end up being mapped above mm->mmap_base into the are that is supposed to be the "gap" between the stack and the binary.

nvd логотип

CVE-2017-1000253

CVSS3: 7.8
nvd
около 8 лет назад

Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security threat. With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down address allocation strategy, load_elf_binary() will attempt to map a PIE binary into an address range immediately below mm->mmap_base. Unfortunately, load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary which means that, while the first PT_LOAD segment is mapped below mm->mmap_base, the subsequent PT_LOAD segment(s) end up being mapped above mm->mmap_base into the are that is supposed to be the "gap" between the stack and the binary.

debian логотип

CVE-2017-1000253

CVSS3: 7.8
debian
около 8 лет назад

Linux distributions that have not patched their long-term kernels with ...

suse-cvrf логотип

SUSE-SU-2017:2725-1

suse-cvrf
около 8 лет назад

Security update for the Linux Kernel

suse-cvrf логотип

SUSE-SU-2017:2723-1

suse-cvrf
около 8 лет назад

Security update for the Linux Kernel

7.2 High

CVSS2

7.8 High

CVSS3

Уязвимость CVE-2017-1000253