Security Advisory: Stack Clash Vulnerability

DIG-INSIGHT_Security_Advisory_Stack_Clash

On June 19, 2017 Qualys published details on a security vulnerability that’s now known as Stack Clash. The vulnerability is related to the memory management of Linux and other flavors of Unix. The most common attack vector for this vulnerability is via a local attacker, however a network enabled service may be vulnerable as well.

How does Stack Clash work?
Operating systems manage memory for the various programs that it tries to run. If the memory for a program (colloquially known as a “stack” if managed by the kernel or “heap” if managed by the program) is mismanaged, it can “clash”, “jump” or “smash” other program’s stack. Most Unix flavors have implemented stackguard (or a similar system) in response to CVE-2010-2240.

However, Stack Clash circumvents these memory protections by not accessing memory sequentially as covered by previous Common Vulnerabilities and Exposures (CVEs). We encourage you to read through the exploits described in the Qualys bulletin; it’s worth the read.

Who is impacted?
This vulnerability is present in the following types of operating systems: Linux, OpenBSD, NetBSD, FreeBSD and Solaris on i386 or amd64. (Please note that the MacOS may be vulnerable too).

Verizon Digital Media Services has taken the necessary steps to mitigate this vulnerability on impacted systems.

What should I do?
If your infrastructure uses the above mentioned operating systems, then you are likely affected. Most of the affected vendors already have patches available, and we strongly recommend you update your system with the latest patches. Please refer to the list of security advisories by the affected OS vendors below.

Please reach out to your account team or the Verizon Digital Media Services support team at vdmsinfo@verizon.com or +1(877)334-3236 if you have further questions regarding the Stack Clash.

Further readings
Qualys original blog post disclosing the Stack Clash vulnerability: https://blog.qualys.com/securitylabs/2017/06/19/the-stack-clash

Full details on the vulnerability by Qualys: https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt

Security advisories by OS vendors
Debian

https://www.debian.org/security/2017/dsa-3886

https://www.debian.org/security/2017/dsa-3887

https://www.debian.org/security/2017/dsa-3888

https://www.debian.org/security/2017/dsa-3889

OpenBSD

https://ftp.openbsd.org/pub/OpenBSD/patches/6.1/common/008_exec_subr.patch.sig

Oracle Solaris

http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-3629-3757403.html

SUSE

https://www.novell.com/support/kb/doc.php?id=7020973

Red Hat

https://access.redhat.com/security/vulnerabilities/stackguard

Ubuntu

https://www.ubuntu.com/usn/usn-3335-1/

×