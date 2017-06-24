Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

 


'Stack Clash' Linux Flaw Enables Root Access. Patch Now (threatpost.com) 22

Posted by EditorDavid from the escalating-privileges dept.
msm1267 writes: Linux, BSD, Solaris and other open source systems are vulnerable to a local privilege escalation vulnerability known as Stack Clash that allows an attacker to execute code at root. Major Linux and open source distributors made patches available Monday, and systems running Linux, OpenBSD, NetBSD, FreeBSD or Solaris on i386 or amd64 hardware should be updated soon.

The risk presented by this flaw, CVE-2017-1000364, becomes elevated especially if attackers are already present on a vulnerable system. They would now be able to chain this vulnerability with other critical issues, including the recently addressed Sudo vulnerability, and then run arbitrary code with the highest privileges, said researchers at Qualys who discovered the vulnerability.

  • Interesting, makes me wonder (Score:1)

    by Anonymous Coward
    Very interesting that the major flavors (Sys V, BSD, and Linux [which I consider a rewrite of Sys V]) are vulnerable. Sounds like a deep seated logic flaw there. Wonder if other vendor specific ones (IRIX, SunOS, Ultrix, AIX, etc) are vulnerable.

    • Re: Interesting, makes me wonder (Score:2, Interesting)

      by Anonymous Coward

      It's only on specific processor types, which indicates the flaw is in the chips' instruction set and the OS patch is a mitigation.

  • This exploit still requires local access to a machine, so it's not as bad as people claim. Unless you're giving random people shell access to your server.

    • Re: (Score:2)

      by Zocalo ( 252965 )
      Two words: "priviledge" and "escalation".

      You might not be giving random people shell access to your server, but if they've managed to acquire it through some other means (e.g. a compromised acccount or some other form of compromise) this means that they can pretty much be assured of being able to go from there to root until you install the patch. Not as bad as a remote root exploit, but still very nasty and worth the "Patch Now".
  • It is called Stack Smashing and OpenBSD is NOT vulnerable to it!

  • Red Hat Linux... (Score:3)

    by creimer ( 824291 ) on Saturday June 24, 2017 @01:11PM (#54682535) Homepage

    Red Hat sent out a notification on Monday. Nice to see the Slashdot editors catching up on the news this weekend.

    https://access.redhat.com/security/cve/cve-2017-1000364 [redhat.com]

