This is a security advisory related to a recently reported Linux kernel vulnerability, referred to as Stack Clash, that requires action on your part. We strongly recommend reviewing the information below and taking action as described to keep your Gemini appliance and your operating environment secure.

What is the Stack Clash?

Stack Clash is a vulnerability recently discovered in the OS kernel for Linux and other flavors of Unix. A local attacker can exploit it to gain privileged access to the system. It takes advantage of memory management vulnerabilities to overwrite the “stack” and cause confusion within the kernel (the “clash”), which can then be used to gain privileged access.

What systems are affected?

This affects any system based on Linux or numerous other flavors of Unix, including all Gemini appliances. The vulnerability is not contained within the Gemini-developed code, but within the Linux-based kernel used in the custom Gemini OS.

What is the danger?

The proven exploits of this vulnerability are related to Local Privilege Escalation, meaning that any user with login access can obtain full root privileges on the system. At this point, all analysis has shown this to be possible only with local access, and not remotely over the network. In any case, we recommend taking immediate action to mitigate this risk.

When was it discovered?

The vulnerability was reported by Qualys on June 19th, 2017.

Have there already been reported exploits?

Gemini has not received any reports of exploits. For reports of general exploits connected to this vulnerability, refer to this advisory maintained by Qualys.

What exactly do you need to do?

Download and install the Gemini Appliance maintenance patch, corresponding to your current version, as soon as possible. Refer to this post on our support site for downloads and information.

Need more information?

Please contact our support team for any help related to this or other questions.