Oracle Linux, virtualization , Enterprise and Cloud Management Cloud technology musings

  • June 29, 2017


As I am sure many of you have heard/read about CVE-2017-1000364.

If not, you can find some information here:




An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010).

This CVE has a very high CVSS score of 9.8.

There are a number of packages release for Oracle Linux to deal with this CVE.

An updated glibc: https://linux.oracle.com/cve/CVE-2017-1000366.html

An updated kernel:  https://linux.oracle.com/cve/CVE-2017-1000364.html

A very important additional detail is that we also have an online fix available through Ksplice. So for Oracle Linux users/customers with a support subscription, you can simply run uptrack-upgrade on a running kernel. No reboot required.

# uptrack-upgrade
The following steps will be taken:
Install [8cpcuyra] CVE-2017-1000364: Increase stack guard size to 1 MiB.

Go ahead [y/N]? y
Installing [8cpcuyra] CVE-2017-1000364: Increase stack guard size to 1 MiB.
Your kernel is fully up to date.
Effective kernel version is 4.1.12-94.3.7.el7uek



Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.