It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large enough to prevent overlapping with the heap. An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges
{ "availability": "No subscription required", "binaries": [ { "binary_version": "4.4.0-1016.16", "binary_name": "linux-cloud-tools-4.4.0-1016-gke" }, { "binary_version": "4.4.0-1016.16", "binary_name": "linux-gke-cloud-tools-4.4.0-1016" }, { "binary_version": "4.4.0-1016.16", "binary_name": "linux-gke-cloud-tools-4.4.0-1016-dbgsym" }, { "binary_version": "4.4.0-1016.16", "binary_name": "linux-gke-headers-4.4.0-1016" }, { "binary_version": "4.4.0-1016.16", "binary_name": "linux-gke-tools-4.4.0-1016" }, { "binary_version": "4.4.0-1016.16", "binary_name": "linux-gke-tools-4.4.0-1016-dbgsym" }, { "binary_version": "4.4.0-1016.16", "binary_name": "linux-headers-4.4.0-1016-gke" }, { "binary_version": "4.4.0-1016.16", "binary_name": "linux-image-4.4.0-1016-gke" }, { "binary_version": "4.4.0-1016.16", "binary_name": "linux-image-4.4.0-1016-gke-dbgsym" }, { "binary_version": "4.4.0-1016.16", "binary_name": "linux-image-extra-4.4.0-1016-gke" }, { "binary_version": "4.4.0-1016.16", "binary_name": "linux-tools-4.4.0-1016-gke" } ] }