Results 1 to 1 of 1

Thread: Kernel & Glibc Stack Guard security vulnerability

  1. #1

    Kernel & Glibc Stack Guard security vulnerability

    Hello All,

    A new kernel & glibc Stack Guard security vulnerability (CVE-2017-1000364) has been reported by RedHat.

    Information :
    A flaw was found in the way memory was being allocated on the stack for user space binaries. If heap (or different memory region) and stack memory regions were adjacent to each other, an attacker could use this flaw to jump over the stack guard gap, cause controlled memory corruption on process stack or the adjacent memory region, and thus increase their privileges on the system.

    You can refer to the following link for more details:

    ****

    https://access.redhat.com/security/cve/cve-2017-1000364
    ****

    How to find out whether your server is vulnerable or not?

    1. Download the latest vulnerability detection script from https://access.redhat.com/security/v...ies/stackguard from the Diagnose tab
    2. run it on your server.

    How to fix the Vulnerability?

    Debian/Ubuntu

    Update and upgrade your packages using apt-get :

    #apt-get update && sudo apt-get dist-upgrade

    You'll need to reboot your server to apply the changes :

    #reboot

    CentOS

    Using either of the two methods mentioned below:-

    1. You can initiate a full yum update using the below command :

    yum update

    OR

    2. just update the kernel and glibc packages:

    yum update "kernel*"
    yum update "glibc"

    You'll need to reboot your server to apply the changes :

    #reboot


    Please feel free to contact our support helpdesk in case you have any queries.
    Last edited by Gatorashish; 06-23-2017 at 04:12 PM.
    Sonu Singh
    HostGator India

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •