SimplerCloud Pte Ltd


News: Security Advisory: Stack Clash Vulnerability Affecting Linux Systems

Published: 22/06/2017

This advisory is provided as a courtesy.

We would like to bring to your attention a vulnerability called "Stack Clash", which affects the memory management functionality of all Linux operating systems, as well as the OpenBSD, NetBSD, FreeBSD and Solaris operating systems. The vulnerability was discovered by Qualys researchers, who prepared proofs of concept and worked with the vendors to develop the patches.

Impact

The vulnerability allows local privilege escalation: local users can exploit it to obtain full root privileges.

Affected OSes

All unpatched Linux operating systems are affected, including, but not limited to:

- CentOS 7.*
- CentOS 6.*
- Ubuntu 16.04
- Ubuntu 14.04
- Debian 8.*
- Debian 7.*

How to Fix the Problem

You may fix the problem by installing the latest patches for your operating system.

- On Ubuntu/Debian systems:

apt-get update
apt-get upgrade

- On CentOS systems:

yum update

Restart the servelet once all the updates have been installed.
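
An updated kernel only takes effect after the restart, so it is worth confirming that the restart really happened. The script below is an added example, not part of the original advisory: it compares the running kernel with the most recently installed one on CentOS, and checks the reboot flag file on Ubuntu/Debian. The function names, the flag-file assumption and the sample kernel versions are constructed for illustration.

```shell
#!/bin/sh
# Added example: after the update and restart, confirm that the running
# kernel is the most recently installed one.

# Constructed sample of `rpm -q --last kernel` output (newest install first).
# The version numbers are made up, not the actual fixed versions.
SAMPLE_RPM_LAST='kernel-3.10.0-111.2.1.el7.x86_64   Tue 20 Jun 2017 10:15:02 AM
kernel-3.10.0-111.el7.x86_64       Mon 02 Jan 2017 09:00:11 AM'

# Read `rpm -q --last kernel` output on stdin and print the most recently
# installed kernel in the same form that `uname -r` prints.
newest_rpm_kernel() {
    awk 'NR == 1 { sub(/^kernel-/, "", $1); print $1 }'
}

# $1 = running kernel (uname -r), $2 = newest installed kernel.
kernel_state() {
    if [ -z "$2" ]; then
        echo "unknown"          # could not determine the installed kernel
    elif [ "$1" = "$2" ]; then
        echo "current"          # the restart picked up the newest kernel
    else
        echo "reboot-needed"    # newer kernel installed but not yet booted
    fi
}

# Ubuntu/Debian: a package hook creates this flag file when an update needs
# a restart (assumption: update-notifier-common or a similar hook is installed).
deb_state() {
    if [ -f "${1:-/var/run/reboot-required}" ]; then
        echo "reboot-needed"
    else
        echo "no-reboot-flag"
    fi
}

# Live check on the current host.
check_host() {
    if command -v rpm >/dev/null 2>&1 && rpm -q kernel >/dev/null 2>&1; then
        kernel_state "$(uname -r)" "$(rpm -q --last kernel | newest_rpm_kernel)"
    else
        deb_state
    fi
}

# Run the live check only when asked: sh check-kernel.sh --check
if [ "${1:-}" = "--check" ]; then check_host; fi
```

A result of "reboot-needed" means the update was installed but the old kernel is still running.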

More information

https://blog.qualys.com/securitylabs/2017/06/19/the-stack-clash
https://arstechnica.com/security/2017/06/12-year-old-security-hole-in-unix-based-oses-isnt-plugged-after-all/

Request Assistance

We can perform the patch installation for you at a one-time discounted fee of $10. Please submit your order at Order -> Additional Services -> Vulnerability Fix - LINUX & WINDOWS: Linux Kernel "Use-After-Free", OpenSSL, GNU C Library, Poodle SSLV3 and Stack Clash Vulnerability - $10.

Alternatively, please open a support ticket first and give us the hostname, IP address and OS template. You can find this information on your servelet's control panel.

For example:

Hostname: yourservelethostname
IP Address: 103.25.202.81
OS Template: CentOS 7.2

Thank you.