A flaw exists in NetBSD's implementation of the stack guard page that allows attackers to bypass it resulting in arbitrary code execution using certain setuid binaries. This affects NetBSD 7.1 and possibly earlier versions.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/99176 | Third Party Advisory VDB Entry |
https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt | Mailing List Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2017-06-19T16:00:00
Updated: 2017-06-22T09:57:01
Reserved: 2017-06-19T00:00:00
Link: CVE-2017-1000374
JSON object: View
NVD Information
Status : Analyzed
Published: 2017-06-19T16:29:00.530
Modified: 2019-10-03T00:03:26.223
Link: CVE-2017-1000374
JSON object: View
Redhat Information
No data.
CWE