Stack Clash – Root Privilege Vulnerability in Unix Systems
June 21, 2017
Adeel Khan (32 articles)
Share

Stack Clash – Root Privilege Vulnerability in Unix Systems

A vulnerability has been detected in several Unix-based operating systems- Linux, OpenBSD, NetBSD, FreeBSD and Solaris- the vulnerability allows for privilege escalation.

The vulnerability

A stack is a memory region where you can store short-term data. With limited space available for storage, the problem that it caused is that malicious program could use more memory space thus causing the memory to overflow and collide with other memory regions and overwriting the content. This flaw can also cause the attacker to bypass the stack guard-page, which was introduced to protect against stack overflow attacks.

Exploits

Qualys researchers have come up with seven exploits and seven Proof-of-Concept (PoCs) for the Stack Clash vulnerability. The exploits have not yet been published publicly by the researchers so that they can give enough time for the admins and the users to patch their systems.

Patch Available

Affected vendors have already released security patches for the vulnerability and advise their users to update.

Source: https://blog.qualys.com/securitylabs/2017/06/19/the-stack-clash