CISA KEV Information
| Vulnerability name | Linux Kernel PIE Stack Buffer Corruption Vulnerability |
|---|---|
| Description | Linux kernel contains a position-independent executable (PIE) stack buffer corruption vulnerability in load_elf_binary() that allows a local attacker to escalate privileges. |
| Required action | Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable. |
| Ransomware campaign use | Known |
| CWE | CWE-119 |
| Date added (KEV) | 2024-09-09 |
| Due date | 2024-09-30 |
| Notes | This vulnerability affects a common open-source component, third-party library, or a protocol used by different products. For more information, please see: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a87938b2e246b81b4fb713edb371a9fa3c5c3c86; https://nvd.nist.gov/vuln/detail/CVE-2017-1000253 |
NVD Details
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

AV:L/AC:L/Au:N/C:C/I:C/A:C

Description: Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security threat. With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down address allocation strategy, load_elf_binary() will attempt to map a PIE binary into an address range immediately below mm->mmap_base. Unfortunately, load_elf_binary() does not take account of the need to allocate sufficient space for the entire binary which means that, while the first PT_LOAD segment is mapped below mm->mmap_base, the subsequent PT_LOAD segment(s) end up being mapped above mm->mmap_base into the area that is supposed to be the "gap" between the stack and the binary.
CWE: CWE-119
References
- http://www.securityfocus.com/bid/101010 [Third Party Advisory, VDB Entry]
- http://www.securitytracker.com/id/1039434 [Third Party Advisory, VDB Entry]
- https://access.redhat.com/errata/RHSA-2017:2793 [Third Party Advisory]
- https://access.redhat.com/errata/RHSA-2017:2794 [Third Party Advisory]
- https://access.redhat.com/errata/RHSA-2017:2795 [Third Party Advisory]
- https://access.redhat.com/errata/RHSA-2017:2796 [Third Party Advisory]
- https://access.redhat.com/errata/RHSA-2017:2797 [Third Party Advisory]
- https://access.redhat.com/errata/RHSA-2017:2798 [Third Party Advisory]
- https://access.redhat.com/errata/RHSA-2017:2799 [Third Party Advisory]
- https://access.redhat.com/errata/RHSA-2017:2800 [Third Party Advisory]
- https://access.redhat.com/errata/RHSA-2017:2801 [Third Party Advisory]
- https://access.redhat.com/errata/RHSA-2017:2802 [Third Party Advisory]
- https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt [Patch, Third Party Advisory]
- ... and 12 more
This product uses the NVD API but is not endorsed or certified by the NVD.