cvedb.io
CVE-2017-1000376
HIGH · CVSS 7
EPSS exploitation probability: 0%
Published 2017-06-19T16:29:00.577 · Last modified 2026-06-17T00:59:03.570

Summary

libffi requests an executable stack allowing attackers to more easily trigger arbitrary code execution by overwriting the stack. Please note that libffi is used by a number of other libraries. It was previously stated that this affects libffi version 3.2.1 but this appears to be incorrect. libffi prior to version 3.1 on 32 bit x86 systems was vulnerable, and upstream is believed to have fixed this issue in version 3.1.

Affected products

redhat — enterprise_virtualization_server

Does this affect you?

Add your gear to cvedb and we'll alert you only when redhat ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.