5 things you need to know about Stack Clash to secure your shared Linux environment
The Stack Clash vulnerability in Linux, Solaris and BSD-based systems would let attackers gain root privileges and take full control of the machine, Qualys researchers warned Monday. Hosting providers and administrators of shared environments need to pay particular attention to this flaw since one compromised user can result in all other users on the same server being compromised.
Stack Clash refers to a set of escalation privileges vulnerabilities (CVE-2017-1000364, CVE-2017-1000365 and CVE-2017-1000367, to name a few) affecting the application stack, a memory region that holds short-term data for applications which automatically grows as needed. When the application’s stack grows too large, it can get too close to the heap, the memory region that holds information such as the files being viewed and edited. Attackers can take advantage of the proximity of the two to confuse the application into overwriting parts of the stack and the heap. Doing so hijacks the flow of execution within the application.