Rapid7 Vulnerability & Exploit Database

F5 Networks: K15412203 (CVE-2017-1000365): Linux kernel vulnerability CVE-2017-1000365

Free InsightVM Trial No Credit Card Necessary

Watch Demo See how it all works

Back to Search

F5 Networks: K15412203 (CVE-2017-1000365): Linux kernel vulnerability CVE-2017-1000365

Severity

CVSS

(AV:L/AC:L/Au:N/C:C/I:C/A:C)

Published

06/19/2017

Created

07/25/2018

Added

07/11/2017

Modified

03/02/2020

Description

The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but does not take the argument and environment pointers into account, which allows attackers to bypass this limitation. This affects Linux Kernel versions 4.11.5 and earlier. It appears that this feature was introduced in the Linux Kernel version 2.6.23.

Solution(s)

f5-big-ip-upgrade-latest

References

https://support.f5.com/csp/article/K15412203
DSA-3927
DSA-3945
CVE-2017-1000365
USN-3377-1
USN-3377-2
USN-3378-1
USN-3378-2
USN-3381-1
USN-3381-2
USN-3392-1
USN-3392-2

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

F5 Networks: K15412203 (CVE-2017-1000365): Linux kernel vulnerability CVE-2017-1000365

F5 Networks: K15412203 (CVE-2017-1000365): Linux kernel vulnerability CVE-2017-1000365

Description

Solution(s)

References

Success! Thank you for submission. We will be in touch shortly.

Oops! There was a problem in submission. Please try again.

Submit your information and we will get in touch with you.