Linux distributions that have not patched their long-term kernels with https://git.kernel.org/linus/a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (committed on April 14, 2015). This kernel vulnerability was fixed in April 2015 by commit a87938b2e246b81b4fb713edb371a9fa3c5c3c86 (backported to Linux 3.10.77 in May 2015), but it was not recognized as a security threat. With CONFIG_ARCH_BINFMT_ELF_RANDOMIZE_PIE enabled, and a normal top-down address allocation strategy, load_elf_binary() will attempt to map a PIE binary into an address range immediately below mm->mmap_base. Unfortunately, load_elf_ binary() does not take account of the need to allocate sufficient space for the entire binary which means that, while the first PT_LOAD segment is mapped below mm->mmap_base, the subsequent PT_LOAD segment(s) end up being mapped above mm->mmap_base into the are that is supposed to be the "gap" between the stack and the binary.

Metrics

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Local

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Local

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is in the KEV database since Sept. 9, 2024.

The EPSS score is 0.54439.

Exploitation active

Automatable no

Technical Impact total

Affected Vendors & Products

Vendors Products
Centos Subscribe
Centos Subscribe
Linux Subscribe
Linux Kernel Subscribe
Redhat Subscribe
Enterprise Linux Subscribe
Rhel Aus Subscribe
Rhel Els Subscribe
Rhel Eus Subscribe
Rhel Mission Critical Subscribe
Rhel Tus Subscribe

Configuration 1 [-]

OR cpe:2.3:o:centos:centos:6.0:*:*:*:*:*:*:*
cpe:2.3:o:centos:centos:6.1:*:*:*:*:*:*:*
cpe:2.3:o:centos:centos:6.2:*:*:*:*:*:*:*
cpe:2.3:o:centos:centos:6.3:*:*:*:*:*:*:*
cpe:2.3:o:centos:centos:6.4:*:*:*:*:*:*:*
cpe:2.3:o:centos:centos:6.5:*:*:*:*:*:*:*
cpe:2.3:o:centos:centos:6.6:*:*:*:*:*:*:*
cpe:2.3:o:centos:centos:6.7:*:*:*:*:*:*:*
cpe:2.3:o:centos:centos:6.8:*:*:*:*:*:*:*
cpe:2.3:o:centos:centos:6.9:*:*:*:*:*:*:*
cpe:2.3:o:centos:centos:7.1406:*:*:*:*:*:*:*
cpe:2.3:o:centos:centos:7.1503:*:*:*:*:*:*:*
cpe:2.3:o:centos:centos:7.1511:*:*:*:*:*:*:*
cpe:2.3:o:centos:centos:7.1611:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:6.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:6.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:6.3:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:6.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:6.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:6.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:6.7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:6.8:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:6.9:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.2:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.3:*:*:*:*:*:*:*

Configuration 2 [-]

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Package CPE Advisory Released Date
Red Hat Enterprise Linux 5.9 Long Life
kernel-0:2.6.18-348.34.2.el5 cpe:/o:redhat:rhel_aus:5.9 RHSA-2017:2802 2017-09-26T00:00:00Z
Red Hat Enterprise Linux 5 Extended Lifecycle Support
kernel-0:2.6.18-423.el5 cpe:/o:redhat:rhel_els:5 RHSA-2017:2801 2017-09-26T00:00:00Z
Red Hat Enterprise Linux 6
kernel-0:2.6.32-696.10.3.el6 cpe:/o:redhat:enterprise_linux:6 RHSA-2017:2795 2017-09-26T00:00:00Z
Red Hat Enterprise Linux 6.2 Advanced Update Support
kernel-0:2.6.32-220.76.1.el6 cpe:/o:redhat:rhel_mission_critical:6.2 RHSA-2017:2800 2017-09-26T00:00:00Z
Red Hat Enterprise Linux 6.4 Advanced Update Support
kernel-0:2.6.32-358.84.1.el6 cpe:/o:redhat:rhel_aus:6.4 RHSA-2017:2799 2017-09-26T00:00:00Z
Red Hat Enterprise Linux 6.5 Advanced Update Support
kernel-0:2.6.32-431.85.1.el6 cpe:/o:redhat:rhel_aus:6.5 RHSA-2017:2798 2017-09-26T00:00:00Z
Red Hat Enterprise Linux 6.5 Telco Extended Update Support
kernel-0:2.6.32-431.85.1.el6 cpe:/o:redhat:rhel_tus:6.5 RHSA-2017:2798 2017-09-26T00:00:00Z
Red Hat Enterprise Linux 6.6 Advanced Update Support
kernel-0:2.6.32-504.63.3.el6 cpe:/o:redhat:rhel_aus:6.6 RHSA-2017:2797 2017-09-26T00:00:00Z
Red Hat Enterprise Linux 6.6 Telco Extended Update Support
kernel-0:2.6.32-504.63.3.el6 cpe:/o:redhat:rhel_tus:6.6 RHSA-2017:2797 2017-09-26T00:00:00Z
Red Hat Enterprise Linux 6.7 Extended Update Support
kernel-0:2.6.32-573.48.1.el6 cpe:/o:redhat:rhel_eus:6.7 RHSA-2017:2796 2017-09-26T00:00:00Z
Red Hat Enterprise Linux 7
kernel-0:3.10.0-693.el7 cpe:/o:redhat:enterprise_linux:7 RHSA-2017:1842 2017-08-01T00:00:00Z
Red Hat Enterprise Linux 7.2 Extended Update Support
kernel-0:3.10.0-327.59.3.el7 cpe:/o:redhat:rhel_eus:7.2 RHSA-2017:2794 2017-09-26T00:00:00Z
Red Hat Enterprise Linux 7.3 Extended Update Support
kernel-0:3.10.0-514.32.3.el7 cpe:/o:redhat:rhel_eus:7.3 RHSA-2017:2793 2017-09-26T00:00:00Z

No data.

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
http://www.securityfocus.com/bid/101010 cve-icon cve-icon
http://www.securitytracker.com/id/1039434 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2017:2793 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2017:2794 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2017:2795 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2017:2796 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2017:2797 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2017:2798 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2017:2799 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2017:2800 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2017:2801 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2017:2802 cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2017-1000253 cve-icon
https://www.cisa.gov/known-exploited-vulnerabilities-catalog cve-icon
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2017-1000253 cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2017-1000253 cve-icon
https://www.qualys.com/2017/09/26/cve-2017-1000253/cve-2017-1000253.txt cve-icon cve-icon cve-icon
History

Wed, 22 Oct 2025 00:15:00 +0000

Type Values Removed Values Added
References
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'active', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 21 Oct 2025 20:30:00 +0000

Type Values Removed Values Added
References

Tue, 21 Oct 2025 19:30:00 +0000

Type Values Removed Values Added
References

Tue, 10 Sep 2024 05:30:00 +0000

Type Values Removed Values Added
References

Projects

Sign in to view the affected projects.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2025-10-21T23:55:32.192Z

Reserved: 2017-10-03T00:00:00.000Z

Link: CVE-2017-1000253

cve-icon Vulnrichment

Updated: 2024-08-05T22:00:39.693Z

cve-icon NVD

Status : Deferred

Published: 2017-10-05T01:29:04.790

Modified: 2025-10-22T00:16:00.823

Link: CVE-2017-1000253

cve-icon Redhat

Severity : Important

Publid Date: 2017-09-26T00:00:00Z

Links: CVE-2017-1000253 - Bugzilla

cve-icon OpenCVE Enrichment

No data.

Weaknesses