
Qualys Security Advisory – Linux PIE/stack Corruption (CVE-2017-1000253) - QUFB
http://seclists.org/oss-sec/2017/q3/541
======
justinjlynn
This is over particular interest because this is a local privilege escalation
from 2015 that several major Linux vendors (RHEL and Centos) have failed to
apply! See seclist post linked above for details.

> Most notably, all versions of CentOS 7 before 1708 (released on September
> 13, 2017), all versions of Red Hat Enterprise Linux 7 before 7.4 (released
> on August 1, 2017), and all versions of CentOS 6 and Red Hat Enterprise
> Linux 6 are exploitable.

Wow.

