CVE-2017-1000253 - Vulnerability Details

CVE-2017-1000253 - kernel: load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary

Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security threat. With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down address allocation strategy, load_elf_binary() will attempt to map a PIE binary into an address range immediately below mm->mmap_base. Unfortunately, load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary which means that, while the first PT_LOAD segment is mapped below mm->mmap_base, the subsequent PT_LOAD segment(s) end up being mapped above mm->mmap_base into the are that is supposed to be the "gap" between the stack and the binary.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:L/AC:L/Au:N/C:C/I:C/A:C

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Centos	Centos
Linux	Linux Kernel
Redhat	Enterprise Linux Rhel Aus Rhel Els Rhel Eus Rhel Mission Critical Rhel Tus

Configuration 1 [-]

OR	cpe:2.3:o:centos:centos:6.0:::::::*
	cpe:2.3:o:centos:centos:6.1:::::::*
	cpe:2.3:o:centos:centos:6.2:::::::*
	cpe:2.3:o:centos:centos:6.3:::::::*
	cpe:2.3:o:centos:centos:6.4:::::::*
	cpe:2.3:o:centos:centos:6.5:::::::*
	cpe:2.3:o:centos:centos:6.6:::::::*
	cpe:2.3:o:centos:centos:6.7:::::::*
	cpe:2.3:o:centos:centos:6.8:::::::*
	cpe:2.3:o:centos:centos:6.9:::::::*
	cpe:2.3:o:centos:centos:7.1406:::::::*
	cpe:2.3:o:centos:centos:7.1503:::::::*
	cpe:2.3:o:centos:centos:7.1511:::::::*
	cpe:2.3:o:centos:centos:7.1611:::::::*
	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:6.1:::::::*
	cpe:2.3:o:redhat:enterprise_linux:6.2:::::::*
	cpe:2.3:o:redhat:enterprise_linux:6.3:::::::*
	cpe:2.3:o:redhat:enterprise_linux:6.4:::::::*
	cpe:2.3:o:redhat:enterprise_linux:6.5:::::::*
	cpe:2.3:o:redhat:enterprise_linux:6.6:::::::*
	cpe:2.3:o:redhat:enterprise_linux:6.7:::::::*
	cpe:2.3:o:redhat:enterprise_linux:6.8:::::::*
	cpe:2.3:o:redhat:enterprise_linux:6.9:::::::*
	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:7.1:::::::*
	cpe:2.3:o:redhat:enterprise_linux:7.2:::::::*
	cpe:2.3:o:redhat:enterprise_linux:7.3:::::::*

Configuration 2 [-]

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 5.9 Long Life
kernel-0:2.6.18-348.34.2.el5	cpe:/o:redhat:rhel_aus:5.9	RHSA-2017:2802	2017-09-26T00:00:00Z
Red Hat Enterprise Linux 5 Extended Lifecycle Support
kernel-0:2.6.18-423.el5	cpe:/o:redhat:rhel_els:5	RHSA-2017:2801	2017-09-26T00:00:00Z
Red Hat Enterprise Linux 6
kernel-0:2.6.32-696.10.3.el6	cpe:/o:redhat:enterprise_linux:6	RHSA-2017:2795	2017-09-26T00:00:00Z
Red Hat Enterprise Linux 6.2 Advanced Update Support
kernel-0:2.6.32-220.76.1.el6	cpe:/o:redhat:rhel_mission_critical:6.2	RHSA-2017:2800	2017-09-26T00:00:00Z
Red Hat Enterprise Linux 6.4 Advanced Update Support
kernel-0:2.6.32-358.84.1.el6	cpe:/o:redhat:rhel_aus:6.4	RHSA-2017:2799	2017-09-26T00:00:00Z
Red Hat Enterprise Linux 6.5 Advanced Update Support
kernel-0:2.6.32-431.85.1.el6	cpe:/o:redhat:rhel_aus:6.5	RHSA-2017:2798	2017-09-26T00:00:00Z
Red Hat Enterprise Linux 6.5 Telco Extended Update Support
kernel-0:2.6.32-431.85.1.el6	cpe:/o:redhat:rhel_tus:6.5	RHSA-2017:2798	2017-09-26T00:00:00Z
Red Hat Enterprise Linux 6.6 Advanced Update Support
kernel-0:2.6.32-504.63.3.el6	cpe:/o:redhat:rhel_aus:6.6	RHSA-2017:2797	2017-09-26T00:00:00Z
Red Hat Enterprise Linux 6.6 Telco Extended Update Support
kernel-0:2.6.32-504.63.3.el6	cpe:/o:redhat:rhel_tus:6.6	RHSA-2017:2797	2017-09-26T00:00:00Z
Red Hat Enterprise Linux 6.7 Extended Update Support
kernel-0:2.6.32-573.48.1.el6	cpe:/o:redhat:rhel_eus:6.7	RHSA-2017:2796	2017-09-26T00:00:00Z
Red Hat Enterprise Linux 7
kernel-0:3.10.0-693.el7	cpe:/o:redhat:enterprise_linux:7	RHSA-2017:1842	2017-08-01T00:00:00Z
Red Hat Enterprise Linux 7.2 Extended Update Support
kernel-0:3.10.0-327.59.3.el7	cpe:/o:redhat:rhel_eus:7.2	RHSA-2017:2794	2017-09-26T00:00:00Z
Red Hat Enterprise Linux 7.3 Extended Update Support
kernel-0:3.10.0-514.32.3.el7	cpe:/o:redhat:rhel_eus:7.3	RHSA-2017:2793	2017-09-26T00:00:00Z

References

Link	Providers
http://www.securityfocus.com/bid/101010
http://www.securitytracker.com/id/1039434
https://access.redhat.com/errata/RHSA-2017:2793
https://access.redhat.com/errata/RHSA-2017:2794
https://access.redhat.com/errata/RHSA-2017:2795
https://access.redhat.com/errata/RHSA-2017:2796
https://access.redhat.com/errata/RHSA-2017:2797
https://access.redhat.com/errata/RHSA-2017:2798
https://access.redhat.com/errata/RHSA-2017:2799
https://access.redhat.com/errata/RHSA-2017:2800
https://access.redhat.com/errata/RHSA-2017:2801
https://access.redhat.com/errata/RHSA-2017:2802
https://nvd.nist.gov/vuln/detail/CVE-2017-1000253
https://www.cisa.gov/known-exploited-vulnerabilities-catalog
https://www.cve.org/CVERecord?id=CVE-2017-1000253
https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt

History

Tue, 10 Sep 2024 05:30:00 +0000

Type	Values Removed	Values Added
References		https://www.cisa.gov/known-exploited-vulnerabilities-catalog

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2017-10-04T01:00:00

Updated: 2024-09-10T03:55:14.762Z

Reserved: 2017-10-03T00:00:00

Link: CVE-2017-1000253

Vulnrichment

Updated: 2024-08-05T22:00:39.693Z

NVD

Status : Analyzed

Published: 2017-10-05T01:29:04.790

Modified: 2025-01-22T19:08:07.267

Link: CVE-2017-1000253

Redhat

Severity : Important

Publid Date: 2017-09-26T00:00:00Z

Links: CVE-2017-1000253 - Bugzilla

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "dateAssigned": "2017-09-25T00:00:00", "datePublic": "2017-10-03T00:00:00", "descriptions": [{"lang": "en", "value": "Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security threat. With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down address allocation strategy, load_elf_binary() will attempt to map a PIE binary into an address range immediately below mm->mmap_base. Unfortunately, load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary which means that, while the first PT_LOAD segment is mapped below mm->mmap_base, the subsequent PT_LOAD segment(s) end up being mapped above mm->mmap_base into the are that is supposed to be the \"gap\" between the stack and the binary."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-12-08T10:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "RHSA-2017:2798", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:2798"}, {"name": "RHSA-2017:2795", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:2795"}, {"name": "1039434", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1039434"}, {"name": "RHSA-2017:2801", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:2801"}, {"name": "RHSA-2017:2796", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:2796"}, {"name": "101010", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/101010"}, {"name": "RHSA-2017:2799", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:2799"}, {"name": "RHSA-2017:2794", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:2794"}, {"name": "RHSA-2017:2793", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:2793"}, {"name": "RHSA-2017:2797", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:2797"}, {"name": "RHSA-2017:2802", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:2802"}, {"tags": ["x_refsource_MISC"], "url": "https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt"}, {"name": "RHSA-2017:2800", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2017:2800"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "DATE_ASSIGNED": "2017-09-25", "ID": "CVE-2017-1000253", "REQUESTER": "qsa@qualys.com", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security threat. With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down address allocation strategy, load_elf_binary() will attempt to map a PIE binary into an address range immediately below mm->mmap_base. Unfortunately, load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary which means that, while the first PT_LOAD segment is mapped below mm->mmap_base, the subsequent PT_LOAD segment(s) end up being mapped above mm->mmap_base into the are that is supposed to be the \"gap\" between the stack and the binary."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "RHSA-2017:2798", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2798"}, {"name": "RHSA-2017:2795", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2795"}, {"name": "1039434", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1039434"}, {"name": "RHSA-2017:2801", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2801"}, {"name": "RHSA-2017:2796", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2796"}, {"name": "101010", "refsource": "BID", "url": "http://www.securityfocus.com/bid/101010"}, {"name": "RHSA-2017:2799", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2799"}, {"name": "RHSA-2017:2794", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2794"}, {"name": "RHSA-2017:2793", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2793"}, {"name": "RHSA-2017:2797", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2797"}, {"name": "RHSA-2017:2802", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2802"}, {"name": "https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt", "refsource": "MISC", "url": "https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt"}, {"name": "RHSA-2017:2800", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2017:2800"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T22:00:39.693Z"}, "title": "CVE Program Container", "references": [{"name": "RHSA-2017:2798", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:2798"}, {"name": "RHSA-2017:2795", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:2795"}, {"name": "1039434", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1039434"}, {"name": "RHSA-2017:2801", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:2801"}, {"name": "RHSA-2017:2796", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:2796"}, {"name": "101010", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/101010"}, {"name": "RHSA-2017:2799", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:2799"}, {"name": "RHSA-2017:2794", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:2794"}, {"name": "RHSA-2017:2793", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:2793"}, {"name": "RHSA-2017:2797", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:2797"}, {"name": "RHSA-2017:2802", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:2802"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt"}, {"name": "RHSA-2017:2800", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2017:2800"}]}, {"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-119", "lang": "en", "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer"}]}], "affected": [{"vendor": "centos", "product": "centos", "cpes": ["cpe:2.3:o:centos:centos:6.0:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "6.0", "status": "affected"}]}, {"vendor": "centos", "product": "centos", "cpes": ["cpe:2.3:o:centos:centos:6.1:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "6.1", "status": "affected"}]}, {"vendor": "centos", "product": "centos", "cpes": ["cpe:2.3:o:centos:centos:6.2:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "6.2", "status": "affected"}]}, {"vendor": "centos", "product": "centos", "cpes": ["cpe:2.3:o:centos:centos:6.3:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "6.3", "status": "affected"}]}, {"vendor": "centos", "product": "centos", "cpes": ["cpe:2.3:o:centos:centos:6.4:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "6.4", "status": "affected"}]}, {"vendor": "centos", "product": "centos", "cpes": ["cpe:2.3:o:centos:centos:6.5:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "6.5", "status": "affected"}]}, {"vendor": "centos", "product": "centos", "cpes": ["cpe:2.3:o:centos:centos:6.6:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "6.6", "status": "affected"}]}, {"vendor": "centos", "product": "centos", "cpes": ["cpe:2.3:o:centos:centos:6.7:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "6.7", "status": "affected"}]}, {"vendor": "centos", "product": "centos", "cpes": ["cpe:2.3:o:centos:centos:6.8:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "6.8", "status": "affected"}]}, {"vendor": "centos", "product": "centos", "cpes": ["cpe:2.3:o:centos:centos:6.9:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "6.9", "status": "affected"}]}, {"vendor": "centos", "product": "centos", "cpes": ["cpe:2.3:o:centos:centos:7.1406:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "7.1406", "status": "affected"}]}, {"vendor": "centos", "product": "centos", "cpes": ["cpe:2.3:o:centos:centos:7.1503:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "7.1503", "status": "affected"}]}, {"vendor": "centos", "product": "centos", "cpes": ["cpe:2.3:o:centos:centos:7.1511:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "7.1511", "status": "affected"}]}, {"vendor": "centos", "product": "centos", "cpes": ["cpe:2.3:o:centos:centos:7.1611:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "7.1611", "status": "affected"}]}, {"vendor": "redhat", "product": "enterprise_linux", "cpes": ["cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:6.1:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:6.2:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:6.3:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:6.4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:6.5:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:6.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:6.8:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:6.9:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:7.1:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "6.0", "status": "affected"}, {"version": "6.1", "status": "affected"}, {"version": "6.2", "status": "affected"}, {"version": "6.3", "status": "affected"}, {"version": "6.4", "status": "affected"}, {"version": "6.5", "status": "affected"}, {"version": "6.6", "status": "affected"}, {"version": "6.7", "status": "affected"}, {"version": "6.8", "status": "affected"}, {"version": "6.9", "status": "affected"}, {"version": "7.0", "status": "affected"}, {"version": "7.1", "status": "affected"}, {"version": "7.2", "status": "affected"}, {"version": "7.3", "status": "affected"}]}, {"vendor": "linux", "product": "linux_kernel", "cpes": ["cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"], "defaultStatus": "unknown", "versions": [{"version": "2.6.25", "status": "affected", "lessThan": "3.2.70", "versionType": "custom"}, {"version": "3.3", "status": "affected", "lessThan": "3.4.109", "versionType": "custom"}, {"version": "3.5", "status": "affected", "lessThan": "3.10.77", "versionType": "custom"}, {"version": "3.11", "status": "affected", "lessThan": "3.12.43", "versionType": "custom"}, {"version": "3.13", "status": "affected", "lessThan": "3.14.41", "versionType": "custom"}, {"version": "3.15", "status": "affected", "lessThan": "3.16.35", "versionType": "custom"}, {"version": "3.17", "status": "affected", "lessThan": "3.18.14", "versionType": "custom"}, {"version": "3.19", "status": "affected", "lessThan": "3.19.7", "versionType": "custom"}, {"version": "1.0", "status": "affected", "lessThan": "4.0.2", "versionType": "custom"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2024-09-06T00:00:00+00:00", "options": [{"Exploitation": "active"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3", "id": "CVE-2017-1000253"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2024-09-09", "reference": "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-10T03:55:14.762Z"}, "timeline": [{"time": "2024-09-09T00:00:00+00:00", "lang": "en", "value": "CVE-2017-1000253 added to CISA KEV"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2017-1000253", "datePublished": "2017-10-04T01:00:00", "dateReserved": "2017-10-03T00:00:00", "dateUpdated": "2024-09-10T03:55:14.762Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://access.redhat.com/errata/RHSA-2017:2798", "name": "RHSA-2017:2798", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://access.redhat.com/errata/RHSA-2017:2795", "name": "RHSA-2017:2795", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}, {"url": "http://www.securitytracker.com/id/1039434", "name": "1039434", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"]}, {"url": "https://access.redhat.com/errata/RHSA-2017:2801", "name": "RHSA-2017:2801", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://access.redhat.com/errata/RHSA-2017:2796", "name": "RHSA-2017:2796", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}, {"url": "http://www.securityfocus.com/bid/101010", "name": "101010", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"]}, {"url": "https://access.redhat.com/errata/RHSA-2017:2799", "name": "RHSA-2017:2799", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://access.redhat.com/errata/RHSA-2017:2794", "name": "RHSA-2017:2794", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://access.redhat.com/errata/RHSA-2017:2793", "name": "RHSA-2017:2793", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://access.redhat.com/errata/RHSA-2017:2797", "name": "RHSA-2017:2797", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://access.redhat.com/errata/RHSA-2017:2802", "name": "RHSA-2017:2802", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt", "tags": ["x_refsource_MISC", "x_transferred"]}, {"url": "https://access.redhat.com/errata/RHSA-2017:2800", "name": "RHSA-2017:2800", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T22:00:39.693Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2017-1000253", "role": "CISA Coordinator", "options": [{"Exploitation": "active"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2024-09-07T03:55:23.405987Z"}}}, {"other": {"type": "kev", "content": {"dateAdded": "2024-09-09", "reference": "https://www.cisa.gov/sites/default/files/feeds/known_exploited_vulnerabilities.json"}}}], "affected": [{"cpes": ["cpe:2.3:o:centos:centos:6.0:*:*:*:*:*:*:*"], "vendor": "centos", "product": "centos", "versions": [{"status": "affected", "version": "6.0"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:centos:centos:6.1:*:*:*:*:*:*:*"], "vendor": "centos", "product": "centos", "versions": [{"status": "affected", "version": "6.1"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:centos:centos:6.2:*:*:*:*:*:*:*"], "vendor": "centos", "product": "centos", "versions": [{"status": "affected", "version": "6.2"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:centos:centos:6.3:*:*:*:*:*:*:*"], "vendor": "centos", "product": "centos", "versions": [{"status": "affected", "version": "6.3"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:centos:centos:6.4:*:*:*:*:*:*:*"], "vendor": "centos", "product": "centos", "versions": [{"status": "affected", "version": "6.4"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:centos:centos:6.5:*:*:*:*:*:*:*"], "vendor": "centos", "product": "centos", "versions": [{"status": "affected", "version": "6.5"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:centos:centos:6.6:*:*:*:*:*:*:*"], "vendor": "centos", "product": "centos", "versions": [{"status": "affected", "version": "6.6"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:centos:centos:6.7:*:*:*:*:*:*:*"], "vendor": "centos", "product": "centos", "versions": [{"status": "affected", "version": "6.7"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:centos:centos:6.8:*:*:*:*:*:*:*"], "vendor": "centos", "product": "centos", "versions": [{"status": "affected", "version": "6.8"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:centos:centos:6.9:*:*:*:*:*:*:*"], "vendor": "centos", "product": "centos", "versions": [{"status": "affected", "version": "6.9"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:centos:centos:7.1406:*:*:*:*:*:*:*"], "vendor": "centos", "product": "centos", "versions": [{"status": "affected", "version": "7.1406"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:centos:centos:7.1503:*:*:*:*:*:*:*"], "vendor": "centos", "product": "centos", "versions": [{"status": "affected", "version": "7.1503"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:centos:centos:7.1511:*:*:*:*:*:*:*"], "vendor": "centos", "product": "centos", "versions": [{"status": "affected", "version": "7.1511"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:centos:centos:7.1611:*:*:*:*:*:*:*"], "vendor": "centos", "product": "centos", "versions": [{"status": "affected", "version": "7.1611"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:6.1:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:6.2:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:6.3:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:6.4:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:6.5:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:6.6:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:6.8:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:6.9:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:7.1:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*", "cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*"], "vendor": "redhat", "product": "enterprise_linux", "versions": [{"status": "affected", "version": "6.0"}, {"status": "affected", "version": "6.1"}, {"status": "affected", "version": "6.2"}, {"status": "affected", "version": "6.3"}, {"status": "affected", "version": "6.4"}, {"status": "affected", "version": "6.5"}, {"status": "affected", "version": "6.6"}, {"status": "affected", "version": "6.7"}, {"status": "affected", "version": "6.8"}, {"status": "affected", "version": "6.9"}, {"status": "affected", "version": "7.0"}, {"status": "affected", "version": "7.1"}, {"status": "affected", "version": "7.2"}, {"status": "affected", "version": "7.3"}], "defaultStatus": "unknown"}, {"cpes": ["cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*"], "vendor": "linux", "product": "linux_kernel", "versions": [{"status": "affected", "version": "2.6.25", "lessThan": "3.2.70", "versionType": "custom"}, {"status": "affected", "version": "3.3", "lessThan": "3.4.109", "versionType": "custom"}, {"status": "affected", "version": "3.5", "lessThan": "3.10.77", "versionType": "custom"}, {"status": "affected", "version": "3.11", "lessThan": "3.12.43", "versionType": "custom"}, {"status": "affected", "version": "3.13", "lessThan": "3.14.41", "versionType": "custom"}, {"status": "affected", "version": "3.15", "lessThan": "3.16.35", "versionType": "custom"}, {"status": "affected", "version": "3.17", "lessThan": "3.18.14", "versionType": "custom"}, {"status": "affected", "version": "3.19", "lessThan": "3.19.7", "versionType": "custom"}, {"status": "affected", "version": "1.0", "lessThan": "4.0.2", "versionType": "custom"}], "defaultStatus": "unknown"}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-119", "description": "CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-09-06T17:10:39.045Z"}, "timeline": [{"lang": "en", "time": "2024-09-09T00:00:00+00:00", "value": "CVE-2017-1000253 added to CISA KEV"}]}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2017-10-03T00:00:00", "references": [{"url": "https://access.redhat.com/errata/RHSA-2017:2798", "name": "RHSA-2017:2798", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2017:2795", "name": "RHSA-2017:2795", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "http://www.securitytracker.com/id/1039434", "name": "1039434", "tags": ["vdb-entry", "x_refsource_SECTRACK"]}, {"url": "https://access.redhat.com/errata/RHSA-2017:2801", "name": "RHSA-2017:2801", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2017:2796", "name": "RHSA-2017:2796", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "http://www.securityfocus.com/bid/101010", "name": "101010", "tags": ["vdb-entry", "x_refsource_BID"]}, {"url": "https://access.redhat.com/errata/RHSA-2017:2799", "name": "RHSA-2017:2799", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2017:2794", "name": "RHSA-2017:2794", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2017:2793", "name": "RHSA-2017:2793", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2017:2797", "name": "RHSA-2017:2797", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2017:2802", "name": "RHSA-2017:2802", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt", "tags": ["x_refsource_MISC"]}, {"url": "https://access.redhat.com/errata/RHSA-2017:2800", "name": "RHSA-2017:2800", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}], "dateAssigned": "2017-09-25T00:00:00", "descriptions": [{"lang": "en", "value": "Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security threat. With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down address allocation strategy, load_elf_binary() will attempt to map a PIE binary into an address range immediately below mm->mmap_base. Unfortunately, load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary which means that, while the first PT_LOAD segment is mapped below mm->mmap_base, the subsequent PT_LOAD segment(s) end up being mapped above mm->mmap_base into the are that is supposed to be the \"gap\" between the stack and the binary."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2017-12-08T10:57:01"}, "x_legacyV4Record": {"affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"version": {"version_data": [{"version_value": "n/a"}]}, "product_name": "n/a"}]}, "vendor_name": "n/a"}]}}, "data_type": "CVE", "references": {"reference_data": [{"url": "https://access.redhat.com/errata/RHSA-2017:2798", "name": "RHSA-2017:2798", "refsource": "REDHAT"}, {"url": "https://access.redhat.com/errata/RHSA-2017:2795", "name": "RHSA-2017:2795", "refsource": "REDHAT"}, {"url": "http://www.securitytracker.com/id/1039434", "name": "1039434", "refsource": "SECTRACK"}, {"url": "https://access.redhat.com/errata/RHSA-2017:2801", "name": "RHSA-2017:2801", "refsource": "REDHAT"}, {"url": "https://access.redhat.com/errata/RHSA-2017:2796", "name": "RHSA-2017:2796", "refsource": "REDHAT"}, {"url": "http://www.securityfocus.com/bid/101010", "name": "101010", "refsource": "BID"}, {"url": "https://access.redhat.com/errata/RHSA-2017:2799", "name": "RHSA-2017:2799", "refsource": "REDHAT"}, {"url": "https://access.redhat.com/errata/RHSA-2017:2794", "name": "RHSA-2017:2794", "refsource": "REDHAT"}, {"url": "https://access.redhat.com/errata/RHSA-2017:2793", "name": "RHSA-2017:2793", "refsource": "REDHAT"}, {"url": "https://access.redhat.com/errata/RHSA-2017:2797", "name": "RHSA-2017:2797", "refsource": "REDHAT"}, {"url": "https://access.redhat.com/errata/RHSA-2017:2802", "name": "RHSA-2017:2802", "refsource": "REDHAT"}, {"url": "https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt", "name": "https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt", "refsource": "MISC"}, {"url": "https://access.redhat.com/errata/RHSA-2017:2800", "name": "RHSA-2017:2800", "refsource": "REDHAT"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "eng", "value": "Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security threat. With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down address allocation strategy, load_elf_binary() will attempt to map a PIE binary into an address range immediately below mm->mmap_base. Unfortunately, load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary which means that, while the first PT_LOAD segment is mapped below mm->mmap_base, the subsequent PT_LOAD segment(s) end up being mapped above mm->mmap_base into the are that is supposed to be the \"gap\" between the stack and the binary."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2017-1000253", "STATE": "PUBLIC", "ASSIGNER": "cve@mitre.org", "REQUESTER": "qsa@qualys.com", "DATE_ASSIGNED": "2017-09-25"}}}}, "cveMetadata": {"cveId": "CVE-2017-1000253", "state": "PUBLISHED", "dateUpdated": "2024-09-10T03:55:14.762Z", "dateReserved": "2017-10-03T00:00:00", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2017-10-04T01:00:00", "assignerShortName": "mitre"}, "dataVersion": "5.1"}

{"cisaActionDue": "2024-09-30", "cisaExploitAdd": "2024-09-09", "cisaRequiredAction": "Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.", "cisaVulnerabilityName": "Linux Kernel PIE Stack Buffer Corruption Vulnerability ", "configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:centos:centos:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "ED1C5E1D-21F5-46FA-89F6-A9B7E4BC94EE", "vulnerable": true}, {"criteria": "cpe:2.3:o:centos:centos:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "455E5124-9EC1-4C73-997B-212D9DDC5949", "vulnerable": true}, {"criteria": "cpe:2.3:o:centos:centos:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "E3652270-3566-49BF-9235-EE041EF87E63", "vulnerable": true}, {"criteria": "cpe:2.3:o:centos:centos:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "FAE1DFBF-E5FF-42B1-B58C-34C94A8AB65F", "vulnerable": true}, {"criteria": "cpe:2.3:o:centos:centos:6.4:*:*:*:*:*:*:*", "matchCriteriaId": "76CA16D1-B633-4E1A-A769-1587B4DFE09C", "vulnerable": true}, {"criteria": "cpe:2.3:o:centos:centos:6.5:*:*:*:*:*:*:*", "matchCriteriaId": "D880E621-F60A-4EDB-B3A5-93411DDF0E36", "vulnerable": true}, {"criteria": "cpe:2.3:o:centos:centos:6.6:*:*:*:*:*:*:*", "matchCriteriaId": "FDA91BDF-A89A-4EE1-AED9-9523B5C1DD7A", "vulnerable": true}, {"criteria": "cpe:2.3:o:centos:centos:6.7:*:*:*:*:*:*:*", "matchCriteriaId": "444146DF-7ACE-4D4A-AA39-CD17D4ADDD98", "vulnerable": true}, {"criteria": "cpe:2.3:o:centos:centos:6.8:*:*:*:*:*:*:*", "matchCriteriaId": "48FE5EA8-A978-464D-89E1-1AD187C92D2A", "vulnerable": true}, {"criteria": "cpe:2.3:o:centos:centos:6.9:*:*:*:*:*:*:*", "matchCriteriaId": "9420109A-E62E-40F9-9B82-EF9D5431680C", "vulnerable": true}, {"criteria": "cpe:2.3:o:centos:centos:7.1406:*:*:*:*:*:*:*", "matchCriteriaId": "27A0A2BB-D332-428B-AE50-3A5EC0551C79", "vulnerable": true}, {"criteria": "cpe:2.3:o:centos:centos:7.1503:*:*:*:*:*:*:*", "matchCriteriaId": "AE32F8A2-B456-40CF-A6C0-27B8B9096A83", "vulnerable": true}, {"criteria": "cpe:2.3:o:centos:centos:7.1511:*:*:*:*:*:*:*", "matchCriteriaId": "25459148-714C-4322-847A-FFF4D9B37EBF", "vulnerable": true}, {"criteria": "cpe:2.3:o:centos:centos:7.1611:*:*:*:*:*:*:*", "matchCriteriaId": "3EB71F04-DF1E-48CE-BC2F-3A6A47C025BC", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*", "matchCriteriaId": "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.1:*:*:*:*:*:*:*", "matchCriteriaId": "6D5A165C-3721-4A87-839F-BD4F6778DA77", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.2:*:*:*:*:*:*:*", "matchCriteriaId": "9A1F55A9-FAAF-4751-BA6A-93CDB31B11C6", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.3:*:*:*:*:*:*:*", "matchCriteriaId": "9045284A-C762-4913-B5AF-8499235F969C", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.4:*:*:*:*:*:*:*", "matchCriteriaId": "905EC4D0-7604-476A-8176-9FFCEB1DC6B1", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.5:*:*:*:*:*:*:*", "matchCriteriaId": "564DCCFD-77BF-4FB1-A0A0-96104B154282", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.6:*:*:*:*:*:*:*", "matchCriteriaId": "467A831E-C63B-476F-A71F-8FB52556BC45", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*", "matchCriteriaId": "84FF61DF-D634-4FB5-8DF1-01F631BE1A7A", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.8:*:*:*:*:*:*:*", "matchCriteriaId": "243980B8-4044-4776-B521-F9D709E68CCB", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:6.9:*:*:*:*:*:*:*", "matchCriteriaId": "39A7795D-CFD3-4643-A7A1-7AD7629B5511", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.1:*:*:*:*:*:*:*", "matchCriteriaId": "266EA1B3-526F-4D12-873E-08CE3861AEA6", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*", "matchCriteriaId": "2E4DC974-235F-4655-966F-2490A4C4E490", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*", "matchCriteriaId": "B99A2411-7F6A-457F-A7BF-EB13C630F902", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "64B31F8B-955E-437A-BD1C-8FDBC53CA2EA", "versionEndExcluding": "3.2.70", "versionStartIncluding": "2.6.25", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "6548E1CE-CC24-4E01-A277-1424BE536777", "versionEndExcluding": "3.4.109", "versionStartIncluding": "3.3", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "F018224B-768E-407A-AEA6-5CEFAC65534C", "versionEndExcluding": "3.10.77", "versionStartIncluding": "3.5", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "3677661A-9F24-4A1D-A66A-DF9330DF6DB9", "versionEndExcluding": "3.12.43", "versionStartIncluding": "3.11", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "E439BE91-83E3-4795-9E2D-C174EE1B84F5", "versionEndExcluding": "3.14.41", "versionStartIncluding": "3.13", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "7DC4BA70-B111-4D2E-BC78-6601CED68F08", "versionEndExcluding": "3.16.35", "versionStartIncluding": "3.15", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "0BB16F9A-A3E5-4CAC-905D-F60426BBAD9D", "versionEndExcluding": "3.18.14", "versionStartIncluding": "3.17", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "25099C5E-E14E-44D4-8482-0F87E1A22572", "versionEndExcluding": "3.19.7", "versionStartIncluding": "3.19", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "AB190AE4-287F-40B5-AC62-0B1E50DBE00D", "versionEndExcluding": "4.0.2", "versionStartIncluding": "4.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security threat. With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down address allocation strategy, load_elf_binary() will attempt to map a PIE binary into an address range immediately below mm->mmap_base. Unfortunately, load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary which means that, while the first PT_LOAD segment is mapped below mm->mmap_base, the subsequent PT_LOAD segment(s) end up being mapped above mm->mmap_base into the are that is supposed to be the \"gap\" between the stack and the binary."}, {"lang": "es", "value": "Existe una vulnerabilidad en las distribuciones de Linux que no han parcheado sus kernels de largo mantenimiento con https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (confirmada el 14 de abril de 2015). Esta vulnerabilidad en los kernels se parche\u00f3 en abril de 2015 por el commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (aplicado a Linux 3.10.77 en mayo de 2015), pero no se reconoci\u00f3 como amenaza de seguridad. Con CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE habilitado y una estrategia vertical normal de asignaci\u00f3n de direcciones, load_elf_binary() intentar\u00e1 mapear un binario PIE en un rango de direcciones inmediatamente inferior a mm->mmap_base. Por desgracia, load_elf_ binary() no tiene en cuenta la necesidad de asignar el suficiente espacio para todo el binario, lo que significa que, estando el primer segmento PT_LOAD est\u00e1 mapeado bajo mm->mmap_base, los siguientes segmentos PT_LOAD acaban mapeados sobre mm->mmap_base en el \u00e1rea que deber\u00eda ser el \"hueco\" entre la pila y el binario."}], "id": "CVE-2017-1000253", "lastModified": "2025-01-22T19:08:07.267", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.2, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:L/AC:L/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2017-10-05T01:29:04.790", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/101010"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1039434"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2793"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2794"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2795"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2796"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2797"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2798"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2799"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2800"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2801"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2802"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/101010"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1039434"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2793"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2794"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2795"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2796"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2797"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2798"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2799"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2800"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2801"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2017:2802"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-119"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"acknowledgement": "Red Hat would like to thank Qualys Research Labs for reporting this issue.", "affected_release": [{"advisory": "RHSA-2017:2802", "cpe": "cpe:/o:redhat:rhel_aus:5.9", "package": "kernel-0:2.6.18-348.34.2.el5", "product_name": "Red Hat Enterprise Linux 5.9 Long Life", "release_date": "2017-09-26T00:00:00Z"}, {"advisory": "RHSA-2017:2801", "cpe": "cpe:/o:redhat:rhel_els:5", "package": "kernel-0:2.6.18-423.el5", "product_name": "Red Hat Enterprise Linux 5 Extended Lifecycle Support", "release_date": "2017-09-26T00:00:00Z"}, {"advisory": "RHSA-2017:2795", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "kernel-0:2.6.32-696.10.3.el6", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2017-09-26T00:00:00Z"}, {"advisory": "RHSA-2017:2800", "cpe": "cpe:/o:redhat:rhel_mission_critical:6.2", "package": "kernel-0:2.6.32-220.76.1.el6", "product_name": "Red Hat Enterprise Linux 6.2 Advanced Update Support", "release_date": "2017-09-26T00:00:00Z"}, {"advisory": "RHSA-2017:2799", "cpe": "cpe:/o:redhat:rhel_aus:6.4", "package": "kernel-0:2.6.32-358.84.1.el6", "product_name": "Red Hat Enterprise Linux 6.4 Advanced Update Support", "release_date": "2017-09-26T00:00:00Z"}, {"advisory": "RHSA-2017:2798", "cpe": "cpe:/o:redhat:rhel_aus:6.5", "package": "kernel-0:2.6.32-431.85.1.el6", "product_name": "Red Hat Enterprise Linux 6.5 Advanced Update Support", "release_date": "2017-09-26T00:00:00Z"}, {"advisory": "RHSA-2017:2798", "cpe": "cpe:/o:redhat:rhel_tus:6.5", "package": "kernel-0:2.6.32-431.85.1.el6", "product_name": "Red Hat Enterprise Linux 6.5 Telco Extended Update Support", "release_date": "2017-09-26T00:00:00Z"}, {"advisory": "RHSA-2017:2797", "cpe": "cpe:/o:redhat:rhel_aus:6.6", "package": "kernel-0:2.6.32-504.63.3.el6", "product_name": "Red Hat Enterprise Linux 6.6 Advanced Update Support", "release_date": "2017-09-26T00:00:00Z"}, {"advisory": "RHSA-2017:2797", "cpe": "cpe:/o:redhat:rhel_tus:6.6", "package": "kernel-0:2.6.32-504.63.3.el6", "product_name": "Red Hat Enterprise Linux 6.6 Telco Extended Update Support", "release_date": "2017-09-26T00:00:00Z"}, {"advisory": "RHSA-2017:2796", "cpe": "cpe:/o:redhat:rhel_eus:6.7", "package": "kernel-0:2.6.32-573.48.1.el6", "product_name": "Red Hat Enterprise Linux 6.7 Extended Update Support", "release_date": "2017-09-26T00:00:00Z"}, {"advisory": "RHSA-2017:1842", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "kernel-0:3.10.0-693.el7", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2017-08-01T00:00:00Z"}, {"advisory": "RHSA-2017:2794", "cpe": "cpe:/o:redhat:rhel_eus:7.2", "package": "kernel-0:3.10.0-327.59.3.el7", "product_name": "Red Hat Enterprise Linux 7.2 Extended Update Support", "release_date": "2017-09-26T00:00:00Z"}, {"advisory": "RHSA-2017:2793", "cpe": "cpe:/o:redhat:rhel_eus:7.3", "package": "kernel-0:3.10.0-514.32.3.el7", "product_name": "Red Hat Enterprise Linux 7.3 Extended Update Support", "release_date": "2017-09-26T00:00:00Z"}], "bugzilla": {"description": "kernel: load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary", "id": "1492212", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1492212"}, "csaw": true, "cvss3": {"cvss3_base_score": "7.8", "cvss3_scoring_vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-119", "details": ["Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security threat. With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down address allocation strategy, load_elf_binary() will attempt to map a PIE binary into an address range immediately below mm->mmap_base. Unfortunately, load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary which means that, while the first PT_LOAD segment is mapped below mm->mmap_base, the subsequent PT_LOAD segment(s) end up being mapped above mm->mmap_base into the are that is supposed to be the \"gap\" between the stack and the binary.", "A flaw was found in the way the Linux kernel loaded ELF executables. Provided that an application was built as Position Independent Executable (PIE), the loader could allow part of that application's data segment to map over the memory area reserved for its stack, potentially resulting in memory corruption. An unprivileged local user with access to SUID (or otherwise privileged) PIE binary could use this flaw to escalate their privileges on the system."], "mitigation": {"lang": "en:us", "value": "By setting vm.legacy_va_layout to 1 we can effectively disable the exploitation of this issue by switching to the legacy mmap layout. The mmap allocations start much lower in the process address space and follow the bottom-up allocation model. As such, the initial PIE executable mapping is far from the reserved stack area and cannot interfere with the stack.\n64-bit processes on Red Hat Enterprise Linux 5 are forced to use the legacy virtual address space layout regardless of the vm.legacy_va_layout value.\nNote: Applications that have demands for a large linear address space (such as certain databases) may be unable to handle the legacy memory layout proposed using this mitigation. We recommend to test your systems and applications before deploying this mitigation on production systems.\nEdit the /etc/sysctl.conf file as root, and add or amend:\nvm.legacy_va_layout = 1\nTo apply this setting, run the /sbin/sysctl -p command as the root user to reload the settings from /etc/sysctl.conf.\nVerify that vm.legacy_va_layout is now set to defined value:\n$ /sbin/sysctl vm.legacy_va_layout\nvm.legacy_va_layout = 1"}, "name": "CVE-2017-1000253", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-alt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/a:redhat:enterprise_mrg:2", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise MRG 2"}], "public_date": "2017-09-26T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2017-1000253\nhttps://nvd.nist.gov/vuln/detail/CVE-2017-1000253\nhttps://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt\nhttps://www.cisa.gov/known-exploited-vulnerabilities-catalog"], "statement": "This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 5 and 6. This issue affects the Linux kernel packages as shipped with Red Hat Enterprise Linux 7 prior to kernel version 3.10.0-693, that is Red Hat Enterprise Linux 7.4 GA kernel version. Kernel versions after 3.10.0-693 contain the fix and are thus not vulnerable.\nThis issue affects the Linux kernel-rt packages prior to the kernel version 3.10.0-693.rt56.617 (Red Hat Enteprise Linux for Realtime) and 3.10.0-693.2.1.rt56.585.el6rt (Red Hat Enterprise MRG 2). The latest Linux kernel-rt packages as shipped with Red Hat Enterprise Linux for Realtime and Red Hat Enterprise MRG 2 are not vulnerable.\nFuture Linux kernel updates for the respective releases will address this issue.", "threat_severity": "Important"}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object