Ancient memory handling flaw haunts BSD, Linux

By on
Ancient memory handling flaw haunts BSD, Linux

Vulnerable to "Stack Clash".

Admins are advised to patch their operating system installations against a decade-long memory management flaw that can be exploited to escalate user privileges to root superuser, potentially leading to a full system takeover.

Security vendor Qualys published an advisory and wrote proofs-of-concept for the vulnerability, dubbed Stack Clash, which stems from an insufficiently robust memory management protection implementation in modern operating systems.

The stack is an area of memory used by computer programs to store data during execution. It can expand and contract automatically, depending on the needs of the running code. 

Attackers can exploit this to grow an application's stack to collide or clash with nearby memory regions and overwrite the content.

While Stack Clash requires local access for exploitation, Qualys said it can be combined with other vulnerabilities to perform attacks. There is also a theoretical possibility of remote exploitation of Stack Clash via specific applications, although the one test case Qualys went through "turned out to be unexploitable by sheer luck," the security vendor said.

Qualys found that the UNIX-like FreeBSD, OpenBSD, NetBSD and Solaris operating systems along with Linux were vulnerable to Stack Clash. 

Linux distributions and the BSD operating system maintainers are releasing patches for Stack Clash.

As a workaround, admins can reboot systems or manually apply stack limits to local users' applications.

However Qualys warned that this could lead to some programs falling over, and recommended systems be updated as soon as possible instead.

The vulnerability has been observed since 2004, and protection mechanisms were developed by open source coders in the following years.

However, Qualys' research showed that the protection mechanisms are inadequate to prevent attackers with user access to systems from exploiting the vulnerability.

The company believes other operating systems such as Windows, Apple's OS X/macOS and Google's Linux-based Android could also be vulnerable but is yet to conduct research on them.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
freebsd linux netbsd openbsd qualys security solaris stack clash

Sponsored Whitepapers

Develop a resiliency strategy that integrates risk analysis & continuity management
Develop a resiliency strategy that integrates risk analysis & continuity management
IBM Maximo: Manage any asset, anytime, any place with mobile EAM
IBM Maximo: Manage any asset, anytime, any place with mobile EAM
Optimise your operations with APM and AI-Powered insights
Optimise your operations with APM and AI-Powered insights
Forrester Study: Understand the total economic impact of using IBM Cloud Pak™ for Data
Forrester Study: Understand the total economic impact of using IBM Cloud Pak™ for Data
Technology skill development: The strategy for building better teams
Technology skill development: The strategy for building better teams

Events

Most Read Articles

Aussie Broadband makes late push for NBN high-speed upgraders

Aussie Broadband makes late push for NBN high-speed upgraders
Any Android security app is better than Google Play Protect

Any Android security app is better than Google Play Protect
Australian Covid-19 vaccine certificates come to digital wallets

Australian Covid-19 vaccine certificates come to digital wallets
Services Australia shifts most Centrelink payments to SAP S/4 HANA

Services Australia shifts most Centrelink payments to SAP S/4 HANA

Log In

Email:
Password:
  |  Forgot your password?