[Beowulf] Heads up - Stack-Clash local root vulnerability
Christopher Samuel
samuel at unimelb.edu.au
Tue Jun 20 17:21:52 PDT 2017
Hi all,

In the interest of being a good citizen there's a new local root
vulnerability for Linux, *BSD and Solaris.

https://blog.qualys.com/securitylabs/2017/06/19/the-stack-clash

# The Stack Clash is a vulnerability in the memory management of
# several operating systems. It affects Linux, OpenBSD, NetBSD,
# FreeBSD and Solaris, on i386 and amd64. It can be exploited
# by attackers to corrupt memory and execute arbitrary code.

They list links to various distros' information on the issue.

For instance RHEL have released both kernel and glibc updates, but of
course that begs the question of statically linked binaries (yes, I
know, don't do that, but they are common) and containers such as Shifter
& Singularity with older glibcs.

I suspect in those cases you have to rely entirely on the kernel
mitigation of increasing the stack guard gap size.

cheers,
Chris
--
Christopher Samuel Senior Systems Administrator
Melbourne Bioinformatics - The University of Melbourne
Email: samuel at unimelb.edu.au Phone: +61 (0)3 903 55545
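
Added example, not part of the original post: one way to inventory the statically linked binaries mentioned above (for instance under an unpacked container image root), since they will not pick up an updated shared glibc. It reads ELF program headers and flags executables that have neither PT_INTERP nor PT_DYNAMIC; the function names and the constructed sample image are assumptions of this example.

```python
import os, struct, sys

PT_DYNAMIC, PT_INTERP = 2, 3   # p_type values from the ELF specification
ET_EXEC, ET_DYN = 2, 3         # e_type values

def elf_linkage(data):
    """Classify file contents as 'static', 'dynamic', 'other' or 'not-elf'."""
    if len(data) < 6 or data[:4] != b"\x7fELF" or data[4] not in (1, 2) or data[5] not in (1, 2):
        return "not-elf"
    end = "<" if data[5] == 1 else ">"            # EI_DATA: byte order
    try:
        (e_type,) = struct.unpack_from(end + "H", data, 0x10)
        wide = data[4] == 2                       # EI_CLASS: ELF64 (else ELF32)
        fmt, off = ("Q", 0x20) if wide else ("I", 0x1C)
        (e_phoff,) = struct.unpack_from(end + fmt, data, off)
        phentsize, phnum = struct.unpack_from(end + "HH", data, 0x36 if wide else 0x2A)
        p_types = {struct.unpack_from(end + "I", data, e_phoff + i * phentsize)[0] for i in range(phnum)}
    except struct.error:                          # truncated or malformed headers
        return "other"
    if e_type not in (ET_EXEC, ET_DYN):
        return "other"
    # No interpreter and no dynamic section: libc is baked into the binary.
    # Static-PIE binaries carry PT_DYNAMIC and are not flagged by this check.
    return "dynamic" if p_types & {PT_INTERP, PT_DYNAMIC} else "static"

def find_static(root):
    """Walk a tree (e.g. an unpacked container image) and list static ELF executables."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                if os.path.islink(path) or not os.path.isfile(path):
                    continue
                with open(path, "rb") as fh:
                    if elf_linkage(fh.read(65536)) == "static":
                        hits.append(path)
            except OSError:                       # unreadable file: skip it
                continue
    return sorted(hits)

def make_sample(p_types, e_type=ET_EXEC):
    """Constructed ELF64 little-endian image: file header plus bare program headers."""
    ehdr = struct.pack("<16sHHIQQQIHHHHHH", b"\x7fELF\x02\x01\x01" + bytes(9), e_type,
                       62, 1, 0x400000, 64, 0, 0, 64, 56, len(p_types), 0, 0, 0)
    return ehdr + b"".join(struct.pack("<I", t) + bytes(52) for t in p_types)

if __name__ == "__main__":
    print("\n".join(find_static(sys.argv[1] if len(sys.argv) > 1 else ".")))
```

Run it with a directory argument to print one path per static executable found; binaries it lists need a rebuild against a fixed libc or depend on the kernel-side guard gap alone.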