Security News > 2017 > June > A Decade Old Unix/Linux/BSD Root Privilege-Escalation Bug Discovered (The Hackers News)

A Decade Old Unix/Linux/BSD Root Privilege-Escalation Bug Discovered (The Hackers News)
2017-06-20 00:57

Security researchers have discovered more than a decade-old vulnerability in several Unix-based operating systems — including Linux, OpenBSD, NetBSD, FreeBSD and Solaris — which can be exploited by attackers to escalate their privileges to root, potentially leading to a full system takeover. Dubbed Stack Clash, the vulnerability (CVE-2017-1000364) has been discovered in the way memory was


News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/QynFs9r4xtU/linux-root-privilege-escalation.html

Related Vulnerability

DATE CVE VULNERABILITY TITLE RISK
2017-06-19 CVE-2017-1000364 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel
An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010).
local
high complexity
linux CWE-119
6.2