Stack Clash bug could give root privileges to attackers on Unix, Linux systems (Help Net Security, June 2017)
Qualys researchers have unearthed a serious privilege escalation bug affecting a wide variety of Unix and Unix-based operating systems, and have been working with vendors to develop patches since May. As the patches have been pushed out, Qualys went public with the information, and urged users to implement them as soon as possible.
The vulnerability (CVE-2017-1000364)
The vulnerability has been dubbed Stack Clash, because it is triggered when an attacker forces an application’s stack to …
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/QtVIFBjpcnU/
Related news
- CUPS vulnerabilities affecting Linux, Unix systems can lead to RCE (source)
- New scanner finds Linux, UNIX servers exposed to CUPS RCE attacks (source)
- Deepen your knowledge of Linux security (source)
- Oracle Linux 9 Update 5 brings security updates, OpenJDK 17, .NET 9.0 (source)
- Ubuntu Linux impacted by decade-old 'needrestart' flaw that gives root (source)
- 'Alarming' security bugs lay low in Linux's needrestart server utility for 10 years (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2017-06-19 | CVE-2017-1000364 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Linux Kernel. An issue was discovered in the size of the stack guard page on Linux: specifically, a 4k stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed). This affects Linux Kernel versions 4.11.5 and earlier (the stack guard page was introduced in 2010). | 7.4 |