Vulnerability CVE-2017-1000376

Vulnerability Name:

CVE-2017-1000376 (CCN-127462)

Assigned:

2017-06-19

Published:

2017-06-19

Updated:

2020-01-15

Summary:

libffi requests an executable stack allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. Please note that libffi is used by a number of other libraries. It was previously stated that this affects libffi version 3.2.1 but this appears to be incorrect. libffi prior to version 3.1 on 32 bit x86 systems was vulnerable, and upstream is believed to have fixed this issue in version 3.1.

CVSS v3 Severity:

7.0 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H)
6.2 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:U/RC:R)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): High Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

5.9 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
5.2 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:U/RC:R)

Exploitability Metrics:	Attack Vector (AV): Local Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): Low Integrity (I): Low Availibility (A): Low

CVSS v2 Severity:

6.9 Medium (CVSS v2 Vector: AV:L/AC:M/Au:N/C:C/I:C/A:C)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

4.6 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Local Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

Vulnerability Type:

CWE-119

Vulnerability Consequences:

Gain Access

References:

Source: MITRE
Type: CNA
CVE-2017-1000376

Source: DEBIAN
Type: Third Party Advisory
DSA-3889

Source: CONFIRM
Type: Third Party Advisory
https://access.redhat.com/security/cve/CVE-2017-1000376

Source: XF
Type: UNKNOWN
libffi-cve2017100376-code-exec(127462)

Source: CCN
Type: libffi Web site
libffi

Source: CCN
Type: Oracle CPUJan2020
Oracle Critical Patch Update Advisory - January 2020

Source: MISC
Type: UNKNOWN
https://www.oracle.com/security-alerts/cpujan2020.html

Source: CCN
Type: Qualys Security Advisory QSA - 2017-06-19
The Stack Clash

Source: MISC
Type: Mailing List, Third Party Advisory
https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt

Vulnerable Configuration:

Configuration 1:

cpe:/a:redhat:enterprise_virtualization_server:-:*:*:*:*:*:*:*

OR cpe:/a:redhat:openshift:2.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*

OR cpe:/o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

Configuration 2:

cpe:/o:debian:debian_linux:8.0:*:*:*:*:*:*:*

OR cpe:/o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:libffi_project:libffi:3.2.1:*:*:*:*:*:*:*

AND

cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*

OR cpe:/a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:20171000376	V	CVE-2017-1000376	2022-05-20
oval:org.opensuse.security:def:33118	P	Security update for apache2 (Important)	2022-01-12
oval:org.opensuse.security:def:33795	P	Security update for apache2 (Important)	2022-01-12
oval:org.opensuse.security:def:32289	P	Security update for libvirt (Important)	2022-01-10
oval:org.opensuse.security:def:32288	P	Security update for libsndfile (Important)	2022-01-05
oval:org.opensuse.security:def:33756	P	Security update for xorg-x11-server (Important)	2021-12-14
oval:org.opensuse.security:def:33051	P	Security update for ruby2.1 (Important)	2021-12-01
oval:org.opensuse.security:def:29446	P	Security update for postgresql, postgresql13, postgresql14 (Important)	2021-11-20
oval:org.opensuse.security:def:29435	P	Security update for MozillaFirefox (Important)	2021-10-15
oval:org.opensuse.security:def:30137	P	Security update for MozillaFirefox (Important)	2021-10-15
oval:org.opensuse.security:def:33012	P	Security update for xen (Important)	2021-09-23
oval:org.opensuse.security:def:34525	P	Security update for gstreamer-plugins-good (Moderate)	2021-09-02
oval:org.opensuse.security:def:30239	P	Security update for aspell (Important)	2021-08-25
oval:org.opensuse.security:def:31235	P	Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)	2021-07-27
oval:org.opensuse.security:def:32963	P	Security update for MozillaFirefox (Important)	2021-07-16
oval:org.opensuse.security:def:33674	P	Security update for webkit2gtk3 (Important)	2021-06-17
oval:org.opensuse.security:def:30088	P	Security update for spice (Important)	2021-06-08
oval:org.opensuse.security:def:31191	P	Security update for gstreamer-plugins-bad (Important)	2021-06-07
oval:org.opensuse.security:def:33916	P	Security update for dhcp (Important)	2021-06-01
oval:org.opensuse.security:def:34441	P	Security update for libX11 (Moderate)	2021-05-26
oval:org.opensuse.security:def:30195	P	Security update for python3 (Important)	2021-05-17
oval:org.opensuse.security:def:34429	P	Security update for openvpn (Moderate)	2021-05-12
oval:org.opensuse.security:def:34430	P	Security update for xen (Important)	2021-05-12
oval:org.opensuse.security:def:31170	P	Security update for samba (Important)	2021-05-04
oval:org.opensuse.security:def:32906	P	Security update for libnettle (Important)	2021-04-28
oval:org.opensuse.security:def:30176	P	Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP2) (Important)	2021-04-12
oval:org.opensuse.security:def:34661	P	Security update for nghttp2 (Important)	2021-03-24
oval:org.opensuse.security:def:30033	P	Security update for python-cryptography (Important)	2021-03-02
oval:org.opensuse.security:def:33770	P	Security update for java-1_8_0-openjdk (Moderate)	2021-02-19
oval:org.opensuse.security:def:35284	P	Security update for ImageMagick (Moderate)	2021-02-19
oval:org.opensuse.security:def:33074	P	Security update for jasper (Important)	2021-02-16
oval:org.opensuse.security:def:29434	P	Security update for python3 (Important)	2021-02-08
oval:org.opensuse.security:def:28920	P	Security update for postgresql, postgresql12, postgresql13 (Important)	2021-01-26
oval:org.opensuse.security:def:28866	P	Security update for xen (Important)	2020-12-10
oval:org.opensuse.security:def:35963	P	libotr2-3.2.0-10.3.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:31082	P	Security update for gdm (Important)	2020-12-03
oval:org.opensuse.security:def:35922	P	java-1_6_0-ibm-1.6.0_sr13.1-0.9.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:26641	P	syslog-ng on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26971	P	libsndfile on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27308	P	tftp on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28043	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:27638	P	Security update for pcp	2020-12-01
oval:org.opensuse.security:def:27923	P	Security update for xorg-x11-libXv	2020-12-01
oval:org.opensuse.security:def:28268	P	Security update for mercurial (Moderate)	2020-12-01
oval:org.opensuse.security:def:28415	P	Security update for tiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:28278	P	Security update for mysql (Moderate)	2020-12-01
oval:org.opensuse.security:def:28488	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:29025	P	Security update for LibVNCServer (Important)	2020-12-01
oval:org.opensuse.security:def:29518	P	Security update for LibVNCServer (Moderate)	2020-12-01
oval:org.opensuse.security:def:29880	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:30914	P	Security update for gcc43 (Moderate)	2020-12-01
oval:org.opensuse.security:def:30431	P	Security update for xorg-x11-server (Moderate)	2020-12-01
oval:org.opensuse.security:def:30784	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:31131	P	Security update for kvm (Important)	2020-12-01
oval:org.opensuse.security:def:31873	P	Security update for cvs (Moderate)	2020-12-01
oval:org.opensuse.security:def:32606	P	syslog-ng on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33444	P	Security update for pidgin	2020-12-01
oval:org.opensuse.security:def:34073	P	Security update for libxml2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:34244	P	Security update for PostgreSQL	2020-12-01
oval:org.opensuse.security:def:34907	P	Security update for dnsmasq (Important)	2020-12-01
oval:org.opensuse.security:def:35213	P	Security update for libgcrypt	2020-12-01
oval:org.opensuse.security:def:26705	P	gd on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27055	P	x3270 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27347	P	libslp1-openssl1 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:28078	P	Security update for gcc43 (Moderate)	2020-12-01
oval:org.opensuse.security:def:27649	P	Security update for lighttpd	2020-12-01
oval:org.opensuse.security:def:27980	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:28317	P	Security update for openssl (Moderate)	2020-12-01
oval:org.opensuse.security:def:29053	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:28279	P	Security update for mysql (Important)	2020-12-01
oval:org.opensuse.security:def:28573	P	Security update for libgcrypt	2020-12-01
oval:org.opensuse.security:def:29069	P	Security update for clamav (Moderate)	2020-12-01
oval:org.opensuse.security:def:29650	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:30505	P	Security update for Mozilla Firefox	2020-12-01
oval:org.opensuse.security:def:30871	P	Security update for exempi (Moderate)	2020-12-01
oval:org.opensuse.security:def:31911	P	Security update for gcc43 (Moderate)	2020-12-01
oval:org.opensuse.security:def:32300	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:32663	P	foomatic-filters on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33445	P	Security update for freetype2	2020-12-01
oval:org.opensuse.security:def:34131	P	Security update for ntp (Important)	2020-12-01
oval:org.opensuse.security:def:34288	P	Security update for Python	2020-12-01
oval:org.opensuse.security:def:35066	P	Security update for java-1_7_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:35240	P	Security update for libpng12-0 (Moderate)	2020-12-01
oval:org.opensuse.security:def:26629	P	perl-Tk on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26833	P	tgt on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27206	P	libpixman-1-0 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27361	P	NetworkManager-devel on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27713	P	Security update for bind (Important)	2020-12-01
oval:org.opensuse.security:def:28064	P	Security update for expat (Moderate)	2020-12-01
oval:org.opensuse.security:def:28356	P	Security update for poppler (Moderate)	2020-12-01
oval:org.opensuse.security:def:29088	P	Security update for gcc43 (Moderate)	2020-12-01
oval:org.opensuse.security:def:28290	P	Security update for mysql (Important)	2020-12-01
oval:org.opensuse.security:def:28630	P	Security update for Mozilla Firefox	2020-12-01
oval:org.opensuse.security:def:28969	P	Security update for orca (Moderate)	2020-12-01
oval:org.opensuse.security:def:29707	P	Security update for Mozilla Firefox	2020-12-01
oval:org.opensuse.security:def:29737	P	Security update for freetype2	2020-12-01
oval:org.opensuse.security:def:30419	P	Security update for xorg-x11-libXp	2020-12-01
oval:org.opensuse.security:def:30637	P	Security update for xorg-x11-server	2020-12-01
oval:org.opensuse.security:def:31026	P	Security update for java-1_7_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:32377	P	Security update for tiff (Moderate)	2020-12-01
oval:org.opensuse.security:def:32750	P	mozilla-xulrunner192 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33456	P	Security update for icu	2020-12-01
oval:org.opensuse.security:def:33827	P	Security update for gnome-session (Moderate)	2020-12-01
oval:org.opensuse.security:def:34180	P	Security update for openssl1 (Moderate)	2020-12-01
oval:org.opensuse.security:def:34926	P	Security update for expat (Moderate)	2020-12-01
oval:org.opensuse.security:def:34760	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:35125	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:26630	P	perl-spamassassin on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:26914	P	gvim on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27259	P	pam_mount on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27405	P	fvwm2 on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:27637	P	Security update for libotr	2020-12-01
oval:org.opensuse.security:def:27841	P	Security update for mysql (Moderate)	2020-12-01
oval:org.opensuse.security:def:28215	P	Security update for libpng12-0 (Moderate)	2020-12-01
oval:org.opensuse.security:def:28371	P	Security update for python (Moderate)	2020-12-01
oval:org.opensuse.security:def:28357	P	Security update for postgresql94 (Moderate)	2020-12-01
oval:org.opensuse.security:def:28714	P	Security update for java-1_7_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:29008	P	Security update for gnutls (Important)	2020-12-01
oval:org.opensuse.security:def:29743	P	Security update for gcc43 (Moderate)	2020-12-01
oval:org.opensuse.security:def:29794	P	Security update for guile (Low)	2020-12-01
oval:org.opensuse.security:def:30877	P	Security update for facter (Moderate)	2020-12-01
oval:org.opensuse.security:def:30420	P	Security update for xorg-x11-libXpm (Moderate)	2020-12-01
oval:org.opensuse.security:def:30727	P	Security update for Mozilla Firefox	2020-12-01
oval:org.opensuse.security:def:32512	P	freeradius-server on GA media (Moderate)	2020-12-01
oval:org.opensuse.security:def:33538	P	Security update for ImageMagick (Important)	2020-12-01
oval:org.opensuse.security:def:34219	P	Security update for php5 (Moderate)	2020-12-01
oval:org.opensuse.security:def:34966	P	Security update for gcc43 (Moderate)	2020-12-01
oval:org.opensuse.security:def:34817	P	Security update for apport (Moderate)	2020-12-01
oval:org.opensuse.security:def:35174	P	Security update for kvm	2020-12-01
oval:com.ubuntu.artful:def:20171000376000	V	CVE-2017-1000376 on Ubuntu 17.10 (artful) - medium.	2017-06-19
oval:com.ubuntu.xenial:def:201710003760000000	V	CVE-2017-1000376 on Ubuntu 16.04 LTS (xenial) - medium.	2017-06-19
oval:com.ubuntu.trusty:def:20171000376000	V	CVE-2017-1000376 on Ubuntu 14.04 LTS (trusty) - medium.	2017-06-19
oval:com.ubuntu.xenial:def:20171000376000	V	CVE-2017-1000376 on Ubuntu 16.04 LTS (xenial) - medium.	2017-06-19

BACK