Ask / Submit

larger stack guard gap, between vmas in kernel-mm and glibc CVE-2017-1000364 (aka Stack Clash) critical remote

Tracked by Jolla

asked 2017-06-29 12:32:21 +0300

this post is marked as community wiki

This post is a wiki. Anyone with karma >75 is welcome to improve it.

updated 2017-06-29 12:40:44 +0300

lpr gravatar image

An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010).

Patch upstream has to be backported to 3.4.108 (maybe look at debian-wheezy 3.2.89-1 source)...

CVSS v3 Base Score: 9.8 Critical

the 2nd part of stack-clash is a glibc vulnerability CVE-2017-1000366 and requires glibc update

edit retag flag offensive close delete


The updated kernel/glibc packages for distributions like RHEL have issues (some software packages refuse to start after upgrading the kernel) so a fix for SFOS needs thorough testing and perhaps picking the most compatible fix for the problem. See or for details on problematic fixes for the vulnerability.

Maus ( 2017-06-29 19:08:10 +0300 )edit

1 Answer

Sort by » oldest newest most voted

answered 2017-07-04 17:01:38 +0300

Daeto gravatar image

I built glibc using last source code from Plese test and give me feedback:

edit flag offensive delete publish link more



but don't claim cve-2014-9761 to be patched: it's not! And therefore it doesn't fix MR#1633 but MER#1789

lpr ( 2017-07-05 10:53:50 +0300 )edit

lpr, and what do you think about: ? Jolla have OpenSSH 7.1p2

Daeto ( 2017-07-05 11:24:26 +0300 )edit
Login/Signup to Answer

Question tools



Asked: 2017-06-29 12:32:21 +0300

Seen: 238 times

Last updated: Jul 04