The Stack Clash vulnerability – what is it and does it affect you?

A new and very dangerous vulnerability has just emerged in the world of Unix-based operating systems (Linux, FreeBSD, and OpenBSD). The Stack Clash vulnerability has spread in a lightning-fast way during the past weeks and neglecting it would mean to leave a large security hole in your website(s).

Of course, all of the currently-released verified patches have already been installed on our cutting-edge web hosting platform.

However, we recommend that you read the following paragraphs in order to learn more about the Stack Clash’s mechanism. This way, you’ll probably be able to detect it more easily and protect yourself better.

What is the Stack Clash vulnerability?

The Stack Clash vulnerability follows a popular privilege escalation scenario known to the Unix community for quite some time.

The vulnerability itself is an OS memory management flaw which can be used by hackers to elevate their privileges and eventually gain full root access to the server where your website is hosted.

Though it may sound surprising, the stack clashes were first discovered and explained by the well-known security researcher Gaël Delalleau more than a decade ago (2005).

Since the Stack Clash flaw emerged once again in 2010, the Linux development team began working on a long-term solution to this problem.

As a result, the stack guard page was added to the Linux kernel. The goal was to prevent any stack memory region from interfering with another one or any other memory process.

Unfortunately, the stack guard page was successfully hacked not long after its introduction. Hackers were once again able to gain access to computers. Currently, new patches and fixes are on the way.

How does the Stack Clash vulnerability work?

Since Stack Clash has gained so much popularity lately, some of the top security specialists employed by the cloud security provider Qualys have closely examined it to figure out exactly how it works. Each Stack Clash attack turned out to be a result of the following vulnerabilities.

The Stack Clash vulnerability allows for a specific stack memory region to interfere with some other region of the same type. This leads to temporary confusion – and at that very moment, your system is prone to hacking.

Another vulnerability called the CVE-2017-1000367 can be exploited together with the aforementioned basic Stack Clash vulnerability so that full root access is given to a hacker.

According to Qualys, the Stack Clash vulnerability can also be employed for remote vulnerability exploitation, so it’s indeed an issue that has to be addressed as quickly as possible.

New Stack Clash vulnerability system patches coming soon

Following the rediscovery of the Stack Clash Unix-based OS vulnerability, all major web hosting service providers started working on patches that had to be released as soon as possible.

Global OS vendors started to prepare various bug fixes and patches as well. The popular Red Hat international open-source software corporation released an immediate kernel patch. It needs some resources to do its job, however, it’s efficient and it shouldn’t affect any of your standard operations.

The Linux Kernel Organization has also released several patches that combat the Stack Clash vulnerability.

Check out our blog regularly, so that you can stay informed on any new Stack Clash news and updates.