How to fix the Stack Guard security vulnerability

What is Stack Guard Security Vulnerability and How to fix it?

 

A very serious flaw was found in the way memory was allocated on the stack for user-space binaries. If the heap (or another memory region) and the stack were adjacent to each other, an attacker could use this flaw to jump over the stack guard gap, cause controlled memory corruption on the process stack or the adjacent memory region, and thus increase their privileges on the system.

Is it a new vulnerability?

The idea of clashing the stack with another memory region is not new: it was first exploited in 2005 and again in 2010. After the 2010 exploit, Linux introduced a protection against such exploits: the so-called stack guard page (CVE-2010-2240).

What is a Stack Guard Page?

Access to the stack guard page triggers a trap. The page therefore serves as a divider between the stack and the other memory regions in the process address space, so that sequential stack access cannot simply run on into another memory region adjacent to the stack (and vice versa).

However, the security experts at Qualys found different ways to reintroduce CVE-2010-2240, mainly because developers weren't building their code with sufficient stack protection checks.
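To see how close the stack sits to its nearest neighbour in a process, the added example below (not part of the original article) parses `/proc/<pid>/maps` text and reports the distance between the `[stack]` region and the closest mapping beneath it. It assumes a downward-growing stack; the function names and the sample map are constructed for illustration.

```python
import re

# One line of /proc/<pid>/maps: "start-end perms offset dev inode [path]"
MAPS_LINE = re.compile(
    r"^([0-9a-f]+)-([0-9a-f]+)\s+(\S+)\s+\S+\s+\S+\s+\S+\s*(.*)$")

# Constructed sample, not captured from a real process: an anonymous
# mapping ends exactly one 4 KiB page below the start of the stack.
SAMPLE_MAPS = """\
00400000-00452000 r-xp 00000000 08:01 131 /usr/bin/demo
01c3a000-01c5b000 rw-p 00000000 00:00 0 [heap]
7ffd1a5fe000-7ffd1a5ff000 rw-p 00000000 00:00 0
7ffd1a600000-7ffd1a621000 rw-p 00000000 00:00 0 [stack]
7ffd1a7c2000-7ffd1a7c4000 r-xp 00000000 00:00 0 [vdso]
"""

def parse_maps(text):
    """Return sorted (start, end, perms, name) tuples; skip malformed lines."""
    regions = []
    for line in text.splitlines():
        m = MAPS_LINE.match(line.strip())
        if m:
            regions.append((int(m.group(1), 16), int(m.group(2), 16),
                            m.group(3), m.group(4).strip()))
    return sorted(regions)

def stack_gap(text):
    """Distance from the stack's lowest address to the nearest mapping below.

    Returns None when the text contains no [stack] region.
    """
    regions = parse_maps(text)
    stack = next((r for r in regions if r[3] == "[stack]"), None)
    if stack is None:
        return None
    below = [r for r in regions if r[1] <= stack[0]]
    if not below:
        return {"stack_start": stack[0], "neighbour": None, "gap_bytes": None}
    nearest = max(below, key=lambda r: r[1])
    return {"stack_start": stack[0],
            "neighbour": nearest[3] or "[anonymous]",
            "gap_bytes": stack[0] - nearest[1]}

if __name__ == "__main__":
    try:  # inspect this process on Linux, else fall back to the sample
        with open("/proc/self/maps") as fh:
            text = fh.read()
    except OSError:
        text = SAMPLE_MAPS
    print(stack_gap(text))
```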

How to fix the Stack Guard Security Vulnerability?

RHEL/CentOS:

1. Run a full yum update and reboot using the commands below:

yum update
reboot

OR

2. Update only the kernel and glibc packages, then reboot so the new kernel is loaded:

yum update "kernel*"
yum update "glibc"
reboot

Debian or Ubuntu Linux:

Update the server using the following commands:

sudo apt-get update && sudo apt-get upgrade && sudo apt-get dist-upgrade
sudo reboot

SUSE Linux Enterprise or openSUSE:

sudo zypper patch
sudo reboot

SUSE OpenStack Cloud 6

sudo zypper in -t patch SUSE-OpenStack-Cloud-6-2017-996=1
sudo reboot

SUSE Linux Enterprise Server for SAP 12-SP1

sudo zypper in -t patch SUSE-SLE-SAP-12-SP1-2017-996=1
sudo reboot

SUSE Linux Enterprise Server 12-SP1-LTSS

sudo zypper in -t patch SUSE-SLE-SERVER-12-SP1-2017-996=1
sudo reboot

SUSE Linux Enterprise Module for Public Cloud 12

sudo zypper in -t patch SUSE-SLE-Module-Public-Cloud-12-2017-996=1
sudo reboot


GeeksAlive

TheGeeksAlive is all about Linux, Server Administration, Web Hosting and other Open Source Technologies.