Issue metadata
Sign in to add a comment
|
CrOS: CVE-2017-1000379: Vulnerability reported in Linux kernel |
||||||||||||||||||||||||
Issue descriptionVOMIT (go/vomit) has received an external vulnerability report for the Linux kernel. Advisory: CVE-2017-1000379 Details: http://vomit.googleplex.com/advisory?id=CVE/CVE-2017-1000379 CVSS severity score: 7.2/10.0 Description: The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing attackers to more easily manipulate the stack. Linux Kernel version 4.11.5 is affected. This bug was filed by http://go/vomit Please contact us at vomit-team@google.com if you need any assistance.
,
Jun 30 2017
,
Jun 30 2017
,
Jul 4 2017
,
Jul 5 2017
,
Jul 5 2017
,
Jul 11 2017
It is difficult to determine where CVE-2017-1000370 ends and where CVE-2017-1000379 starts. Going to fix it all with a sequence of patches against a single bug.
,
Jan 3 2018
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot |
|||||||||||||||||||||||||
►
Sign in to add a comment |
|||||||||||||||||||||||||
Comment 1 by xzhou@chromium.org
, Jun 30 2017Labels: OS-Linux Pri-3
Status: Available (was: Untriaged)