198 matches found
RHEL 6 : kernel (RHSA-2017:1487)
The remote Red Hat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:1487 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: A flaw was found in the way memory was...
Scientific Linux Security Update : kernel on SL7.x x86_64 (20170619) (Stack Clash)
Security Fixes: - A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap (or different memory region) and stack memory regions were adjacent to each other, an attacker could use this flaw to jump over the stack guard gap, cause controlled memory...
Debian DSA-3886-1 : linux - security update (Stack Clash)
Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks. - CVE-2017-7487 Li Qiang reported a reference counter leak in the ipxitf_ioctl function which may result in a use-after-free vulnerability, triggerabl...
Debian DSA-3887-1 : glibc - security update (Stack Clash)
The Qualys Research Labs discovered various problems in the dynamic linker of the GNU C Library which allow local privilege escalation by clashing the stack. For the full details, please refer to their advisory published at: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt...
RHEL 6 : glibc (RHSA-2017:1480) (Stack Clash)
An update for glibc is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...
RHEL 6 : kernel (RHSA-2017:1486) (Stack Clash)
An update for kernel is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...
SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1618-1) (Stack Clash)
The SUSE Linux Enterprise 12 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2017-1000364: The default stack guard page was too small and could be 'jumped over' by userland programs using more than one page of stack in functions and so...
SUSE SLES12 Security Update : kernel (SUSE-SU-2017:1615-1) (Stack Clash)
The SUSE Linux Enterprise 12 SP1 kernel was updated to receive various security and bugfixes. The following security bugs were fixed : - CVE-2017-1000364: The default stack guard page was too small and could be 'jumped over' by userland programs using more than one page of stack in functions and ...
RHEL 5 : kernel (RHSA-2017:1483) (Stack Clash)
An update for kernel is now available for Red Hat Enterprise Linux 5.9 Long Life. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each...
Debian DSA-3889-1 : libffi - security update (Stack Clash)
libffi, a library used to call code written in one language from code written in a different language, was enforcing an executable stack on the i386 architecture. While this might not be considered a vulnerability by itself, this could be leveraged when exploiting other vulnerabilities, like for...
Scientific Linux Security Update : glibc on SL7.x x86_64 (20170619) (Stack Clash)
Security Fixes: - A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap (or different memory region) and stack memory regions were adjacent to each other, an attacker could use this flaw to jump over the stack guard gap, cause controlled memory...
Amazon Linux AMI : kernel (ALAS-2017-845) (Stack Clash)
An issue was discovered in the size of the stack guard page on Linux, specifically a 4k stack guard page is not sufficiently large and can be jmp'ed over, this affects Linux Kernel versions 4.11.5 and earlier (the stackguard page was introduced in 2010). (CVE-2017-1000364) The offset2lib patch as use...
[ASA-201706-22] lib32-glibc: privilege escalation
Arch Linux Security Advisory ASA-201706-22. Severity: High; Date: 2017-06-20; CVE-ID: CVE-2017-1000366; Package: lib32-glibc; Type: privilege escalation; Remote: No; Link: https://security.archlinux.org/AVG-308. Summary: The package lib32-glibc befo...
Visualizing the Stack Clash Vulnerability with Dashboards
Security teams should apply vendor patches immediately to protect their Linux, OpenBSD, NetBSD, FreeBSD and Solaris infrastructure from The Stack Clash vulnerability; also see the security advisory. To help in that effort, this blog post describes a new built-in Qualys AssetView dashboard to...
CVE-2017-1000379
The Linux Kernel running on AMD64 systems will sometimes map the contents of PIE executable, the heap or ld.so to where the stack is mapped allowing attackers to more easily manipulate the stack. Linux Kernel version 4.11.5 is affected...
The Stack Clash
What is the Stack Clash? The Stack Clash is a vulnerability in the memory management of several operating systems. It affects Linux, OpenBSD, NetBSD, FreeBSD and Solaris, on i386 and amd64. It can be exploited by attackers to corrupt memory and execute arbitrary code. Qualys researchers discovere...
Debian Security Advisory DSA 3888-1 (exim4 - security update)
The Qualys Research Labs discovered a memory leak in the Exim mail transport agent. This is not a security vulnerability in Exim by itself, but can be used to exploit a vulnerability in stack handling. OpenVAS Vulnerability Test $Id: deb3888.nasl 6618 2017-07-07 14:17:52Z cfischer $ Auto-generate...
Debian Security Advisory DSA 3887-1 (glibc - security update)
The Qualys Research Labs discovered various problems in the dynamic linker of the GNU C Library which allow local privilege escalation by clashing the stack. OpenVAS Vulnerability Test $Id: deb3887.nasl 6618 2017-07-07 14:17:52Z cfischer $ Auto-generated from advisory DSA 3887-1 using nvtgen 1.0...