Security News > 2017 > June > Stack Clash bug could give root privileges to attackers on Unix, Linux systems (Help Net Security)
2017-06-20 21:37
Qualys researchers have unearthed a serious privilege escalation bug affecting a wide variety of Unix and Unix-based operating systems, and has been working with vendors to develop patches since May. As the patches have been pushed out, Qualys went public with the information, and urged users to implement them as soon as possible. The vulnerability (CVE-2017-1000364) The vulnerability has been dubbed Stack Clash, because it is triggered when the attackers forces an application’s stack to … More →
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/QtVIFBjpcnU/
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-19 | CVE-2017-1000364 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010). | 6.2 |