Users are urged to update their systems immediately

Jun 21, 2017 15:55 GMT

Red Hat, Debian, and CentOS have all announced that they have patched the recently discovered "Stack Clash" Linux vulnerability in the kernel packages for their supported operating systems.

Immediately after Qualys Research Labs reported a Linux kernel flaw they call Stack Clash, which could allow an attacker to escalate privileges on an unpatched machine because the stack guard page is not sufficiently large, big GNU/Linux vendors such as Red Hat, Debian and Canonical announced new kernel security updates for their supported OSes.

"The Qualys Research Labs discovered that the size of the stack guard page is not sufficiently large. The stack-pointer can jump over the guard-page and move from the stack into another memory region without accessing the guard-page. In this case no page-fault exception is raised and the stack extends into the other memory region. An attacker can exploit this flaw for privilege escalation," reads the latest Debian Security Advisory.

Ubuntu users are also protected against the Stack Clash vulnerability

We've already reported that Canonical released updated kernels for all of its supported Ubuntu Linux operating systems, including Ubuntu 17.04, Ubuntu 16.10, Ubuntu 16.04 LTS, and Ubuntu 14.04 LTS, and now the Debian Project has released kernel updates for Debian Jessie (version 3.16.43-2+deb8u1) and the recently released Debian GNU/Linux 9 "Stretch" (version 4.9.30-2+deb9u1), urging users to update their installations, as thirteen other security flaws were fixed as well.

On the Red Hat side, the company announced that it patched the Stack Clash vulnerability in the kernel packages of Red Hat Enterprise Linux Desktop 7, Red Hat Enterprise Linux Server 7, Red Hat Enterprise Linux Workstation 7.3, Red Hat Enterprise Linux Server TUS 7.3, and Red Hat Enterprise Linux HPC Node 7, which means that CentOS 7 users have also received the updated kernel (version 3.10.0-514.21.2.el7). All users are urged to update their installations as soon as possible!
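As an added example (not from the article, Debian, Red Hat or CentOS), the following Python script checks whether an installed kernel package version is at or above the fixed versions quoted above. The version ordering is a simplified form of the dpkg/rpm rules that is sufficient for these package strings, and the uname/dpkg-query calls assume a live Debian or CentOS 7 host.

```python
import re
import subprocess

# Fixed kernel package versions as stated in the article.
FIXED_VERSIONS = {
    "debian-jessie": "3.16.43-2+deb8u1",
    "debian-stretch": "4.9.30-2+deb9u1",
    "centos7": "3.10.0-514.21.2.el7",
}

_TOKEN = re.compile(r"\d+|[A-Za-z]+")

def _tokens(version):
    """Split '3.10.0-514.21.2.el7' into [3, 10, 0, 514, 21, 2, 'el', 7]."""
    return [int(t) if t.isdigit() else t for t in _TOKEN.findall(version)]

def compare_versions(a, b):
    """Return -1, 0 or 1 as a is older than, equal to or newer than b.

    Simplified dpkg/rpm-style ordering (not a full reimplementation):
    numeric runs compare as integers, letter runs lexically, a number
    outranks a letter run in the same position, and a version with extra
    trailing segments (e.g. '+deb8u1') is newer than its prefix.
    """
    ta, tb = _tokens(a), _tokens(b)
    for x, y in zip(ta, tb):
        if x == y:
            continue
        if isinstance(x, int) != isinstance(y, int):
            return 1 if isinstance(x, int) else -1
        return 1 if x > y else -1
    return (len(ta) > len(tb)) - (len(ta) < len(tb))

def is_patched(distro, installed):
    """True if installed is at or above the fixed kernel version for distro."""
    return compare_versions(installed, FIXED_VERSIONS[distro]) >= 0

def running_kernel_version(distro):
    """Read the running kernel's package version from the live system.

    On CentOS 7, uname -r already carries the package release
    (e.g. 3.10.0-514.21.2.el7.x86_64); on Debian it is only the ABI name,
    so the version is taken from dpkg's record of the matching linux-image package.
    """
    release = subprocess.check_output(["uname", "-r"], text=True).strip()
    if distro == "centos7":
        return release
    return subprocess.check_output(
        ["dpkg-query", "-W", "--showformat=${Version}", "linux-image-" + release],
        text=True).strip()
```

Run `is_patched("centos7", running_kernel_version("centos7"))` on a CentOS 7 host (or the Debian keys on a Debian host) to get a True/False answer for the running kernel.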