CVE-2017-1000365 (retired)

Priority
Description
The Linux Kernel imposes a size restriction on the arguments and
environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the
size), but does not take the argument and environment pointers into
account, which allows attackers to bypass this limitation. This affects
Linux Kernel versions 4.11.5 and earlier. It appears that this feature was
introduced in the Linux Kernel version 2.6.23.
Ubuntu-Description
It was discovered that the Linux kernel did not properly restrict
RLIMIT_STACK size. A local attacker could use this in conjunction with
another vulnerability to possibly execute arbitrary code.
Notes
sbeattieproposed patch from kees in patchwork link
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):ignored (was needed ESM criteria)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-89.112)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.13.0-16.19)
Patches:
Introduced by
b6a2fea39318e43fee84fa7b0b90d68bed92d2ba
Fixed by
98da7d08850fb8bdeb395d6368ed15753304aa0c
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1028.37)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-1001.1)
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.11.0-1009.9)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-1002.2)
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (was needed ESM criteria)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (abandoned)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.10.0-1004.4)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-1001.1)
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1024.24)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (was needed now end-of-life)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.10.0-30.34~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.10.0-30.34~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.18.0-8.9~18.04.1)
Product
linux-krillin:ignored (was needed now end-of-life)
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1004.9)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-1002.2)
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):ignored (end-of-life)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Patches:
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):ignored (end-of-life)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):ignored (end-of-life)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
This package is not directly supported by the Ubuntu Security Team
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):released (3.13.0-126.175~precise1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (abandoned)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.13.0-1008.9)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-1002.3)
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1067.75)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.13.0-1005.5)
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1069.74)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected
Package
Upstream:released (4.12~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Product
linux-vegetahd:ignored (was needed now end-of-life)
More Information

Updated: 2019-10-09 07:58:25 UTC (commit 33aea848a182c0afcd0a3f927a01a7ecd9a061ee)