Security News > 2017 > June > Stack Clash bug could give root privileges to attackers on Unix, Linux systems (Help Net Security)
Qualys researchers have unearthed a serious privilege escalation bug affecting a wide variety of Unix and Unix-based operating systems, and has been working with vendors to develop patches since May. As the patches have been pushed out, Qualys went public with the information, and urged users to implement them as soon as possible. The vulnerability (CVE-2017-1000364) The vulnerability has been dubbed Stack Clash, because it is triggered when the attackers forces an application’s stack to … More →
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/QtVIFBjpcnU/
Related news
- Deepen your knowledge of Linux security (source)
- Oracle Linux 9 Update 5 brings security updates, OpenJDK 17, .NET 9.0 (source)
- Ubuntu Linux impacted by decade-old 'needrestart' flaw that gives root (source)
- 'Alarming' security bugs lay low in Linux's needrestart utility for 10 years (source)
- Discover the future of Linux security (source)
- Week in review: MUT-1244 targets both security workers and threat actors, Kali Linux 2024.4 released (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-06-19 | CVE-2017-1000364 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed), this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010). | 7.4 |