Stack Clash Vulnerability Exploits Linux Stack Guard

In 2010, Linux kernel developers added a new memory stack protection capability called Stack Guard to help limit the risk of a vulnerability identified as CVE-201-2240.

As it turns out, the Stack Guard mitigation isn’t entirely complete, according to security firm Qualys, potentially enabling a local attacker to escalate privileges. Qualys is calling the Stack Guard flaw Stack Clash, which actually refers to two specific vulnerabilities including CVE-2017-1000364 for the Linux kernel and CVE-2017-10000366 for glibc.