{"id":76190,"date":"2023-08-20T01:49:17","date_gmt":"2023-08-19T17:49:17","guid":{"rendered":"http:\/\/lrxjmw.cn\/?p=76190"},"modified":"2023-08-20T01:49:17","modified_gmt":"2023-08-19T17:49:17","slug":"linux_stack-clash","status":"publish","type":"post","link":"https:\/\/lrxjmw.cn\/linux_stack-clash.html","title":{"rendered":"Stack Clash\uff1aLinux\u5b89\u5168\u6740\u624b"},"content":{"rendered":"\n\n\n

\u5bfc\u8bfb<\/td>\n

Linux, OpenBSD, NetBSD, FreeBSD\u548cSolaris\u7cfb\u7edf\u88ab\u7206\u5b58\u5728\u975e\u5e38\u4e25\u91cd\u7684\u5185\u5b58\u51b2\u7a81\u6f0f\u6d1e\uff0c\u5141\u8bb8\u653b\u51fb\u8005\u83b7\u53d6root\u6743\u9650\u5e76\u5168\u6743\u63a7\u5236\u53d7\u611f\u67d3\u7684\u7cfb\u7edf\u3002\u8fd9\u4e2a\u95ee\u9898\u6700\u65e9\u7531\u5b89\u5168\u4f9b\u5e94\u5546Qualys\u53d1\u73b0\uff0c\u5e76\u6839\u636e\u8be5\u6f0f\u6d1e\u9700\u8981\u548c\u5176\u4ed6\u7684\u5185\u5b58\u533a\u7684\u5806\u6808\u8fdb\u884c\u201c\u78b0\u649e\u51b2\u7a81\u201d\u7279\u6027\uff0c\u5c06\u5176\u547d\u540d\u4e3a\u201cStack Clash\u201d\uff08\u5806\u6808\u51b2\u7a81\uff09\u3002<\/strong><\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n
$\"\"$
\n\u6839\u636eQualys\u63d0\u4f9b\u7684\u62a5\u544a\uff0c\u5728\u7535\u8111\u4e0a\u6267\u884c\u7684\u6bcf\u4e2a\u7a0b\u5e8f\u90fd\u4f1a\u4f7f\u7528\u5230\u5185\u5b58\u5806\u6808\uff0c\u8be5\u533a\u57df\u4f1a\u6839\u636e\u7a0b\u5e8f\u7684\u9700\u6c42\u81ea\u52a8\u6269\u5145\u3002\u4f46\u662f\u5982\u679c\u6269\u5145\u592a\u591a\u4ee5\u81f3\u4e8e\u592a\u9760\u8fd1\u53e6\u4e00\u4e2a\u5185\u5b58\u5806\u6808\u533a\u57df\uff0c\u90a3\u4e48\u7a0b\u5e8f\u5c31\u4f1a\u88ab\u641e\u4e71\uff0c\u90a3\u4e48\u9ed1\u5ba2\u5c31\u53ef\u4ee5\u8d81\u4e71\u8986\u76d6\u8be5\u5185\u5b58\u5806\u6808\u533a\u3002<\/p>\n
\u8fd9\u79cd\u653b\u51fb\u65b9\u5f0f\uff08CVE-2010-2240\uff09\u57282005-2010\u5e74\u671f\u95f4\u5df2\u7ecf\u88ab\u53d1\u73b0\uff0c\u76f4\u5230Linux\u7cfb\u7edf\u53d1\u5c55\u5806\u6808\u4fdd\u62a4\u9875\uff08stack guard-page\uff09\u5927\u5e45\u964d\u4f4e\u4e86\u6b64\u7c7b\u653b\u51fb\uff0c\u8fd9\u662f\u4e00\u4e2a4KB\u5927\u5c0f\u7684\u5185\u5b58\u9875\u9762\u4f1a\u6620\u5c04\u5f53\u524d\u7684\u5806\u6808\u3002 \u4e0d\u8fc7Qualys\u5728\u6700\u65b0\u7684\u6d4b\u8bd5\u4e2d\u6253\u9020\u4e867\u6b3e\u653b\u51fb\u7a0b\u5e8f\uff0c\u8bc1\u660e\u8fd9\u79cd\u4fdd\u62a4\u5f62\u5f0f\u662f\u5b8c\u5168\u4e0d\u591f\u7684\u3002<\/p>\n
Stack Clash\u7684\u4e3b\u8981\u6f0f\u6d1e\u4e3aCVE-2017-1000364\uff0c\u6b21\u8981\u6f0f\u6d1e\u4e3aVE-2017-1000365\uff0c\u6b64\u5916\u8fd8\u6709\u4e00\u4e2a\u53ef\u72ec\u7acb\u5f00\u91c7\u7684CVE-2017-1000367\u3002\u6f0f\u6d1e\u60c5\u62a5\u516c\u53f8Risk Based Security\u7684\u9996\u5e2d\u7814\u7a76\u4e13\u5bb6\u8868\u793a\uff1a\u201cQualys\u672c\u6b21\u53d1\u5e03\u7684\u8fd9\u79cd\u653b\u51fb\u65b9\u5f0f\uff0c\u6700\u4e3b\u8981\u7684\u539f\u56e0\u662f\u5185\u5b58\u5806\u6808\u5206\u914d\u53ef\u4ee5\u88ab\u4e00\u4e9b\u975e\u8fde\u7eed\u65b9\u5f0f\u8fdb\u884c\u63a7\u5236\u3002\u610f\u5473\u7740\u80fd\u591f\u8df3\u8fc7\u5806\u6808\u4fdd\u62a4\u9875\u5e76\u64cd\u7eb5\u76f8\u90bb\u7684\u5185\u5b58\u533a\u57df\u3002\u201d<\/p>\n
\u5305\u62ecRed Hat\u3001Debian\u3001Ubuntu\u548cSUSE\u7b49\u5f88\u591aLinux\u53d1\u884c\u673a\u6784\u5df2\u7ecf\u4fee\u590d\u4e86\u8fd9\u4e2a\u6f0f\u6d1e\u3002\u66f4\u591a\u66f4\u8be6\u7ec6\u4fe1\u606f\u53ef\u4ee5\u8bbf\u95ee\uff1a<\/p>\n
SUSE<\/p>\n
https:\/\/www.novell.com\/support\/kb\/doc.php?id=7020973<\/a><\/p>\n
Red Hat<\/p>\n
https:\/\/access.redhat.com\/security\/vulnerabilities\/stackguard<\/a><\/p>\n
Debian<\/p>\n
https:\/\/www.debian.org\/security\/2017\/dsa-3886<\/a><\/p>\n
https:\/\/www.debian.org\/security\/2017\/dsa-3887<\/a><\/p>\n
https:\/\/www.debian.org\/security\/2017\/dsa-3888<\/a><\/p>\n
https:\/\/www.debian.org\/security\/2017\/dsa-3889<\/a><\/p>\n
Ubuntu<\/p>\n
https:\/\/www.ubuntu.com\/usn\/<\/a><\/p>\n
OpenBSD<\/p>\n
https:\/\/ftp.openbsd.org\/pub\/OpenBSD\/patches\/6.1\/common\/008_exec_subr.patch.sig<\/a><\/p>\n
Oracle Solaris<\/p>\n
http:\/\/www.oracle.com\/technetwork\/security-advisory\/alert-cve-2017-3629-3757403.html<\/a><\/p>\n
<\/p>\n
\n
\u539f\u6587\u6765\u81ea\uff1a http:\/\/www.cnbeta.com\/articles\/soft\/624567.htm<\/a><\/p>\n
\u672c\u6587\u5730\u5740\uff1a http:\/\/lrxjmw.cn\/linux_stack-clash.html<\/a>\u7f16\u8f91\uff1a\u5468\u6653\u96ea\uff0c\u5ba1\u6838\u5458\uff1a\u9004\u589e\u5b9d<\/span><\/p>\n<\/blockquote>\n","protected":false},"excerpt":{"rendered":"
\u5bfc\u8bfb Linux, OpenBSD, NetBSD, FreeBSD\u548cSolaris\u7cfb\u7edf\u88ab\u7206\u5b58\u5728\u975e\u5e38\u4e25\u91cd\u7684\u5185\u5b58 […]<\/p>\n","protected":false},"author":63,"featured_media":76194,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[21],"tags":[],"class_list":["post-76190","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news"],"acf":[],"_links":{"self":[{"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/posts\/76190","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/users\/63"}],"replies":[{"embeddable":true,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/comments?post=76190"}],"version-history":[{"count":5,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/posts\/76190\/revisions"}],"predecessor-version":[{"id":280452,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/posts\/76190\/revisions\/280452"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/media\/76194"}],"wp:attachment":[{"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/media?parent=76190"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/categories?post=76190"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/lrxjmw.cn\/wp-json\/wp\/v2\/tags?post=76190"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}