À´Ô´£ºcnbeta
Linux, OpenBSD, NetBSD, FreeBSDºÍSolarisϵͳ±»±¬´æÔڷdz£ÑÏÖصÄÄÚ´æ³åͻ©¶´£¬ÔÊÐí¹¥»÷Õß»ñÈ¡rootȨÏÞ²¢È«È¨¿ØÖÆÊܸÐȾµÄϵͳ¡£Õâ¸öÎÊÌâ×îÔçÓÉ°²È«¹©Ó¦ÉÌQualys·¢ÏÖ£¬²¢¸ù¾Ý¸Ã©¶´ÐèÒªºÍÆäËûµÄÄÚ´æÇøµÄ¶ÑÕ»½øÐС°Åöײ³åÍ»¡±ÌØÐÔ£¬½«ÆäÃüÃûΪ¡°Stack Clash¡±£¨¶ÑÕ»³åÍ»£©¡£
¸ù¾ÝQualysÌṩµÄ±¨¸æ£¬ÔÚµçÄÔÉÏÖ´ÐеÄÿ¸ö³ÌÐò¶¼»áʹÓõ½ÄÚ´æ¶ÑÕ»£¬¸ÃÇøÓò»á¸ù¾Ý³ÌÐòµÄÐèÇó×Ô¶¯À©³ä¡£µ«ÊÇÈç¹ûÀ©³äÌ«¶àÒÔÖÁÓÚÌ«¿¿½üÁíÒ»¸öÄÚ´æ¶ÑÕ»ÇøÓò£¬ÄÇô³ÌÐò¾Í»á±»¸ãÂÒ£¬ÄÇôºÚ¿Í¾Í¿ÉÒÔ³ÃÂÒ¸²¸Ç¸ÃÄÚ´æ¶ÑÕ»Çø¡£
ÕâÖÖ¹¥»÷·½Ê½£¨CVE-2010-2240£©ÔÚ2005-2010ÄêÆÚ¼äÒѾ±»·¢ÏÖ£¬Ö±µ½Linuxϵͳ·¢Õ¹¶ÑÕ»±£»¤Ò³£¨stack guard-page£©´ó·ù½µµÍÁË´ËÀ๥»÷£¬ÕâÊÇÒ»¸ö4KB´óСµÄÄÚ´æÒ³Ãæ»áÓ³É䵱ǰµÄ¶ÑÕ»¡£ ²»¹ýQualysÔÚ×îеIJâÊÔÖдòÔìÁË7¿î¹¥»÷³ÌÐò£¬Ö¤Ã÷ÕâÖÖ±£»¤ÐÎʽÊÇÍêÈ«²»¹»µÄ¡£
Stack ClashµÄÖ÷Ҫ©¶´ÎªCVE-2017-1000364£¬´ÎҪ©¶´ÎªVE-2017-1000365£¬´ËÍ⻹ÓÐÒ»¸ö¿É¶ÀÁ¢¿ª²ÉµÄCVE-2017-1000367¡£Â©¶´Ç鱨¹«Ë¾Risk Based SecurityµÄÊ×ϯÑо¿×¨¼Ò±íʾ£º¡°Qualys±¾´Î·¢²¼µÄÕâÖÖ¹¥»÷·½Ê½£¬×îÖ÷ÒªµÄÔÒòÊÇÄÚ´æ¶ÑÕ»·ÖÅä¿ÉÒÔ±»Ò»Ð©·ÇÁ¬Ðø·½Ê½½øÐпØÖÆ¡£Òâζ×ÅÄܹ»Ìø¹ý¶ÑÕ»±£»¤Ò³²¢²Ù×ÝÏàÁÚµÄÄÚ´æÇøÓò¡£¡±
°üÀ¨Red Hat¡¢Debian¡¢UbuntuºÍSUSEµÈºÜ¶àLinux·¢Ðлú¹¹ÒѾÐÞ¸´ÁËÕâ¸ö©¶´¡£¸ü¶à¸üÏêϸÐÅÏ¢¿ÉÒÔ·ÃÎÊ£º
SUSE
https://www.novell.com/support/kb/doc.php?id=7020973
Red Hat
https://access.redhat.com/security/vulnerabilities/stackguard
Debian
https://www.debian.org/security/2017/dsa-3886
https://www.debian.org/security/2017/dsa-3887
https://www.debian.org/security/2017/dsa-3888
https://www.debian.org/security/2017/dsa-3889
Ubuntu
https://www.ubuntu.com/usn/
OpenBSD
https://ftp.openbsd.org/pub/OpenBSD/patches/6.1/common/008_exec_subr.patch.sig
Oracle Solaris
http://www.oracle.com/technetwork/security-advisory/alert-cve-2017-3629-3757403.html
