Blog Tags: 

Stack-Clash vulnerability - Reboot to enable new patched kernel

Once again, thanks to community member John Carver for highlighting a new Linux vulnerability. Qualys Security Labs discovered and demonstrated the vulnerability, and have named it "Stack-Clash".

Blog Tags: 

CVE-2016-5195: Dirty COW - Privilege escalation kernel vulnerability

Thanks to TurnKey community member John Carver it has come to our attention that all existing deployments of TurnKey Linux are potentially vulnerable to CVE-2016-5195. As reported by Andrej Nemec last week on the Red Hat bugtracker "An unprivileged local user could use this flaw to gain write access to otherwise read only memory mappings and thus increase their privileges on the system."