CVE-2017-1000364
linux - security update
7.4
HIGH
CVSS 3.1
EPSS 5.2%
Description
An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010).
How to fix CVE-2017-1000364
To remediate CVE-2017-1000364, upgrade the affected package to a fixed version below.
- —upgrade to 4.11.6-1 or later
- —upgrade to 3.2.89-1 or later
- —upgrade to 3.16.43-2+deb8u1 or later
Is CVE-2017-1000364 being exploited?
Moderate — EPSS is 5.2%. Track this CVE but it's not at the top of the prioritisation list.
Affected packages (3)
- from 0, < 4.11.6-1
- from 0, < 3.2.89-1
- from 0, < 3.16.43-2+deb8u1
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | HIGH7.4 | CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |