CVE-2017-1000253 - load_elf_binary does not allocate sufficient space
Environment
The following Red Hat product versions are impacted:
- Red Hat Enterprise Linux 5
- Red Hat Enterprise Linux 6
- Red Hat Enterprise Linux 7 (prior to the 7.4.0 release)
- Red Hat Enterprise Linux for Realtime (prior to version kernel-rt-3.10.0-693.rt56.617)
- Red Hat Enterprise MRG 2 (prior to version kernel-rt-3.10.0-693.2.1.rt56.585.el6rt)
Issue
Red Hat Product Security has been made aware of a vulnerability affecting the Linux kernel's implementation of loading ELF binaries. Provided that an application is built as Position Independent Executable (PIE), the loader can allow part of that application's data segment to map over the memory area reserved for its stack resulting in corruption of the stack, with possible privilege escalation. The vulnerability has been assigned CVE-2017-1000253.
This issue was publicly disclosed on Tuesday September 26th, 2017 and is rated as Important.
Resolution
For further information, please refer to:
CVE-2017-1000253 -
load_elf_binary does not allocate sufficient space
Root Cause
The loader can allow part of their data segment to map over their stack resulting in corruption of the stack, with possible privilege escalation.
This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.
Comments