Details
-
Bug
-
Resolution: Won't Fix
-
Minor
-
None
-
None
-
None
-
3
-
9223372036854775807
Description
Security Fix(es):
A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable (PIE), the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID (or otherwise privileged) PIE binary could use this flaw to escalate their privileges on the system. (CVE-2017-1000253, Important)
Bugs fixed (https://bugzilla.redhat.com/):
BZ - 1492212 - CVE-2017-1000253 kernel: load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary
Attachments
Issue Links
Activity
John L. Hammond (john.hammond@intel.com) merged in patch https://review.whamcloud.com/29248/
Subject: LU-10037 kernel: kernel update RHEL6.9 [2.6.32-696.10.3.el6]
Project: fs/lustre-release
Branch: b2_10
Current Patch Set:
Commit: c24484c74dc833b22d742f80c305c4ad380146b5
Bob Glossman (bob.glossman@intel.com) uploaded a new patch: https://review.whamcloud.com/29248
Subject: LU-10037 kernel: kernel update RHEL6.9 [2.6.32-696.10.3.el6]
Project: fs/lustre-release
Branch: b2_10
Current Patch Set: 1
Commit: 092b3c2ef157f645421e851aa5ad166199829de3
Bob Glossman (bob.glossman@intel.com) uploaded a new patch: https://review.whamcloud.com/29247
Subject: LU-10037 kernel: kernel update RHEL6.9 [2.6.32-696.10.3.el6]
Project: fs/lustre-release
Branch: master
Current Patch Set: 1
Commit: b11069421799683308e2de48cca1727baf30194a
replaced by
LU-10088, a later version update