path: root/retired/CVE-2017-1000370
blob: 99e8e87f01c9e0868afba4938081c6a5196de461
Description: Very large argument/environment list breaks 32-bit PIE ASLR
References:
 https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
Notes:
 nsl> Looks to be introduced upstream with commit d1fd836dcf00
 nsl> "mm: split ET_DYN ASLR from mmap ASLR" in 4.1-rc1. This was seemingly
 nsl> added to jessie with patch mm-split-et_dyn-aslr-from-mmap-aslr.patch
Bugs:
upstream: released (4.13-rc1) [eab09532d40090698b05a07c1c87f39fdbc5fab5]
4.9-upstream-stable: released (4.9.39) [63c2f8f8c41bf80af068f0b2aef4c0e2bdc32c4a]
3.16-upstream-stable: N/A "Memory layout is different"
3.2-upstream-stable: N/A "Memory layout is different"
sid: released (4.11.11-1) [bugfix/all/binfmt_elf-use-elf_et_dyn_base-only-for-pie.patch]
4.9-stretch-security: released (4.9.30-2+deb9u4) [bugfix/all/binfmt_elf-use-elf_et_dyn_base-only-for-pie.patch]
3.16-jessie-security: released (3.16.43-2+deb8u4) [bugfix/all/pie-aslr/binfmt_elf-use-elf_et_dyn_base-only-for-pie.patch]
3.2-wheezy-security: N/A "Memory layout is different"
