edit-icon download-icon

[Vulnerability notice] CVE-2017-1000364/CVE-2017-1000366: Linux Kernel Stack Clash security vulnerability

Last Updated: Mar 19, 2018

On June 19, 2017, researchers of a security company outside China discovered an elevation of privilege vulnerability in Unix operating systems (including Linux, OpenBSD, and FreeBSD). This vulnerability enables attackers to obtain the root privilege by running code. It affects almost all Linux systems.

Alibaba Cloud Security reminds you to follow up and install patches in time to prevent elevation of privilege attacks initiated by exploiting this vulnerability.

See the following for more information about the vulnerability.


CVE identifier

  • CVE-2017-1000364
  • CVE-2017-1000366

Vulnerability name

Linux Kernel Stack Clash security vulnerability

Vulnerability rating

Important

Vulnerability description

This vulnerability is triggered by a stack collision in operating system memory management, and affects Linux, FreeBSD, OpenBSD, NetBSD, Solaris, i386, and AMD64. Attackers can exploit this vulnerability to damage the memory and run any code on a target system to elevate their common privilege to the root privilege.

Affected scope

Red Hat Enterprise Linux/CentOS:

  • Red Hat Enterprise Linux 5
  • Red Hat Enterprise Linux 6
  • Red Hat Enterprise Linux 7

Ubuntu: Not affected

Debain:

  • wheezy 3.2.78-1
  • jessie 3.16.43-2

SuSE:

Kernel-default <= 4.4.59-92

Condition and method of exploitation

Local or remote exploitation.

Vulnerability detection

Run the uname -a command to check the kernel version.

How to fix or mitigate

Pay attention to patches released by Linux providers:

Reference

[1]. https://www.qualys.com/2017/06/19/stack-clash/stack-clash.txt
[2]. https://access.redhat.com/security/vulnerabilities/stackguard

Thank you! We've received your feedback.