Home Data Center Can the Linux Stack Clash Vulnerability Affect Containers?

Can the Linux Stack Clash Vulnerability Affect Containers?

Can the Linux Stack Clash Vulnerability Affect Containers?

The recently discovered ‘Stack Clash’ vulnerability in Linux-based systems is another critical security issue like Dirty Cow, but can the stack clash vulnerability affect containers, and what could an attacker do?

The short answer is yes, an attacker could exploit the vulnerability to gain root privileges within a container, but not necessarily be able to break out from the container. However, if the exploit occurs in the user space on the host, the escalation to root on the linux host itself is a critical security event which the attacker could use to compromise running containers or the Docker daemon itself.

The Stack Clash Vulnerability

This vulnerability (CVE-2010-2240) was recently discovered by security vendor Qualys researchers and has been named “Stack Clash” because it involves “clashing” the stack with another memory region, such as the heap. A flaw was found in the way memory was being allocated on the stack for user space binaries, which could allow an attacker to jump over the stack guard gap. This could cause controlled memory corruption on the process stack or the adjacent memory region, and thus increase their privileges on the system.

Read the entire article here, Can the Linux Stack Clash Vulnerability Affect Containers?

via NeuVectdor.

NeuVector NeuVector was founded by security and enterprise software veterans with the vision of simple, scalable security for container based applications. The team has over 20 years of security, virtualization, and enterprise software experience from companies such as VMWare, Fortinet, Cisco, and Trend Micro.

Featured Resources:

Related Articles:


White Papers

    Application Lifecycle Management with Stratusphere UX – White Paper

    Enterprises today are faced with many challenges, and among those at the top of the list is the struggle surrounding the design, deployment, management and operations that support desktop applications. The demand for applications is increasing at an exponential rate, and organizations are being forced to consider platforms beyond physical, virtual and cloud-based environments. Users […]


      Download Commvault VM Backup and Recovery: end-to-end VM backup, recovery and cloud management

      Commvault’s ability to provide end-to-end VM backup, recovery and cloud management creates a significantly better way to build, protect and optimize VMs throughout their lifecycle. Our best-in-class software for VM backup, recovery and cloud management delivers a number of significant benefits, including: VM recovery with live recovery options; backup to and in the cloud; custom-fit […]

      On-Demand Webinars

        What’s Going on in EUC Printing – A Technical Deep Dive!

        The IGEL Community and ThinPrint invite you to watch the following technical deep dive webinar. The agenda is to technically bring you up to speed on what’s going on in the EUC Printing space today along with a deep dive into new methods, technologies, printing scenarios and a discussion on why printing still matters. You […]

        Latest Videos

          Views All IT News on DABCC.com
          Views All IT Videos on DABCC.com
          Win big $$, visit ITBaller.com for more info!

          Visit Our Sponsors