UBUNTU-CVE-2017-1000370
Advisory lineage Upstream: 1 Downstream: 0
Upstream
Published: 19 Jun 2017, 15:00
Last modified:22 Apr 2026, 11:09
Vulnerability Summary
Overall Risk (default)
medium
31/100 CVSS Score
7.8 HIGH
3.1 (osv_ubuntu)
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected
Timeline
19 Jun 2017, 15:00
Published
Vulnerability first disclosed
22 Apr 2026, 11:09
Last Modified
Vulnerability information updated
Description
The offset2lib patch as used in the Linux Kernel contains a vulnerability that allows a PIE binary to be execve()'ed with 1GB of arguments or environmental strings then the stack occupies the address 0x80000000 and the PIE binary is mapped above 0x40000000 nullifying the protection of the offset2lib patch. This affects Linux Kernel version 4.11.5 and earlier. This is a different issue than CVE-2017-1000371. This issue appears to be limited to i386 based systems.
CVSS Metrics
- v3.1•HIGH•Score: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- v3.0•HIGH•Score: 7.8CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected Systems
- ubuntu•linux
< 4.4.0-93.116
- ubuntu•linux-aws
< 4.4.0-1032.41
- ubuntu•linux-azure
all
- ubuntu•linux-azure-fde
all
- ubuntu•linux-gcp
< 4.13.0-1002.5 | all
- ubuntu•linux-gke
< 4.4.0-1028.28 | all
- ubuntu•linux-hwe
< 4.13.0-32.35~16.04.1 | all
- ubuntu•linux-hwe-edge
all
- ubuntu•linux-intel-iot-realtime
all
- ubuntu•linux-lts-xenial
< 4.4.0-93.116~14.04.1
- ubuntu•linux-oem
all
- ubuntu•linux-raspi-realtime
all
- ubuntu•linux-raspi2
< 4.4.0-1071.79 | all
- ubuntu•linux-realtime
all
- ubuntu•linux-riscv
all | all
- ubuntu•linux-snapdragon
< 4.4.0-1073.78