Kernel & Glibc Stack Guard security vulnerability
Posted by Melvin B on 23 June 2017 02:20 PM

A new kernel & glibc Stack Guard security vulnerability (CVE-2017-1000364) has been reported by Red Hat.

Information:
A flaw was found in the way memory was being allocated on the stack for user space binaries. If the heap (or a different memory region) and the stack memory region were adjacent to each other, an attacker could use this flaw to jump over the stack guard gap, cause controlled memory corruption on the process stack or the adjacent memory region, and thus increase their privileges on the system.

You can refer to the following link for more details:

https://access.redhat.com/security/cve/cve-2017-1000364

>>How to find out whether your server is vulnerable or not?

1. Download the latest vulnerability detection script from the Diagnose tab at https://access.redhat.com/security/vulnerabilities/stackguard
2. Run it on your server.

>>How to fix the Vulnerability?

Debian/Ubuntu

Update and upgrade your packages using apt-get.
#apt-get update && apt-get dist-upgrade

You'll need to reboot your server to apply the changes.
#reboot

CentOS

Use either of the two methods below:

1. You can initiate a full yum update using the below command:

yum update

OR

2. Update only the kernel and glibc packages:

yum update "kernel*"
yum update "glibc"

You'll need to reboot your server to apply the changes.
#reboot
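
To confirm after the reboot that the updated packages are actually in use, the following added example (not part of the original announcement and not Red Hat's detection script) checks on CentOS whether the running kernel is the most recently installed one, and on either distribution whether any process still maps the pre-update glibc. It assumes that `rpm -q --last kernel` lines start with kernel-<release>.<arch> in the same form `uname -r` prints; the function names and the script name are illustrative.

```bash
#!/bin/sh
# Post-patch check for the kernel + glibc update (added example, POSIX sh).

# Read `rpm -q --last kernel` output on stdin (newest install first) and print
# the release of the most recently installed kernel without the "kernel-" prefix.
# Assumed line format: kernel-<release>.<arch>   <install date>
latest_installed_kernel() {
    awk 'NR == 1 { sub(/^kernel-/, "", $1); print $1 }'
}

# Succeed (exit 0) when the running kernel is not the most recently installed
# one, i.e. the update is on disk but the server has not been rebooted into it.
# $1 = running release (uname -r), $2 = latest installed release
reboot_pending() {
    [ "$1" != "$2" ]
}

# Succeed when a /proc/PID/maps-format file shows libc or the dynamic loader
# mapped from a file that has since been replaced on disk ("(deleted)").
maps_has_stale_libc() {
    grep -Eq '/(libc|ld)[-.][^ /]* \(deleted\)$' "$1"
}

# Walk /proc and print the PIDs that still run on the pre-update glibc.
stale_glibc_pids() {
    for maps in /proc/[0-9]*/maps; do
        [ -r "$maps" ] || continue
        if maps_has_stale_libc "$maps" 2>/dev/null; then
            pid=${maps#/proc/}
            echo "${pid%/maps}"
        fi
    done
}

# Usage: ./postpatch-check.sh --check   (as root, to read every process's maps)
if [ "${1:-}" = "--check" ]; then
    if command -v rpm >/dev/null 2>&1; then
        latest=$(rpm -q --last kernel | latest_installed_kernel)
        if reboot_pending "$(uname -r)" "$latest"; then
            echo "REBOOT PENDING: running $(uname -r), latest installed $latest"
        else
            echo "OK: running the most recently installed kernel"
        fi
    fi
    pids=$(stale_glibc_pids)
    if [ -n "$pids" ]; then
        echo "Processes still using the old glibc:" $pids
    fi
fi
```
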

If you face any issues in patching your server or have any queries, please feel free to contact our support helpdesk.