Immediately after Qualys Research Labs reported that they found a Linux kernel flaw, which they call Stack Clash, which could allow an attacker to escalate his/her privileges on an unpatched machine because the size of the stack guard page is not sufficiently large, big GNU/Linux companies like Red Hat, Debian and Canonical have announced new kernel security updates for their supported OSes.
"The Qualys Research Labs discovered that the size of the stack guard page is not sufficiently large. The stack-pointer can jump over the guard-page and moving from the stack into another memory region without accessing the guard-page. In this case no page-fault exception is raised and the stack extends into the othe... (read more)
from Softpedia News / Linux http://ift.tt/2tO695C
via IFTTT
No comments:
Post a Comment