Uploaded image for project: 'Lustre'
  1. Lustre
  2. LU-9686

kernel update [RHEL7.3 3.10.0-514.21.2.el7]

    XMLWordPrintable

Details

    • Bug
    • Resolution: Fixed
    • Minor
    • None
    • None
    • None
    • 3
    • 9223372036854775807

    Description

      Security Fix(es):

      • A flaw was found in the way memory was being allocated on the stack for user
        space binaries. If heap (or different memory region) and stack memory regions
        were adjacent to each other, an attacker could use this flaw to jump over the
        stack guard gap, cause controlled memory corruption on process stack or the
        adjacent memory region, and thus increase their privileges on the system. This
        is a kernel-side mitigation which increases the stack guard gap size from one
        page to 1 MiB to make successful exploitation of this issue more difficult.
        (CVE-2017-1000364, Important)

      Bugs fixed (https://bugzilla.redhat.com/):

      1461333 - CVE-2017-1000364 kernel: heap/stack gap jumping via unbounded stack allocations

      Attachments

        Issue Links

          Activity

            People

              bogl Bob Glossman (Inactive)
              bogl Bob Glossman (Inactive)
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: