Security News Dirty Cow Linux Exploit

BoraMurdar

Super Moderator
Thread author
Verified
Staff Member
Well-known
Aug 30, 2012
6,598
Update :
The flaw has already been patched in the kernel and now organizations are preparing security patches for everyone, so keep your devices up to date.

Linux users are being warned that a dangerous and pervasive security flaw has been discovered inside the kernel that allows an attacker to easily gain full access. Dubbed “Dirty COW”, the exploit has reportedly been around for many years, but is now currently being used in the wild.

Phil Oester is a network admin and security researcher who uncovered the flaw while capturing HTTP traffic on a server that seemed to have been hacked. He explained that this security issue has been around since 2007, and is now likely to become more widespread. Oester said:

The exploit in the wild is trivial to execute, never fails and has probably been around for years - the version I obtained was compiled with gcc 4.8. As Linus [Torvalds] notes in his commit, this is an ancient bug and impacts kernels going back many years. All Linux users need to take this bug very seriously, and patch their systems ASAP.

The flaw, now logged as CVE-2016-5195, has to do with the way the Linux kernel handles “copy-on-write (COW) breakage of private read-only memory mappings”. An attacker exploiting the flaw could elevate his privileges on the system and take control of an affected device.

 

Myriad

Level 7
Verified
Well-known
May 22, 2016
349
The flaw, now logged as CVE-2016-5195, has to do with the way the Linux kernel handles “copy-on-write (COW) breakage of private read-only memory mappings”. An attacker exploiting the flaw could elevate his privileges on the system and take control of an affected device.

I saw this last week , added it to my agenda for further investigation , and since then it has kind of dropped down my list.

All Linux users need to take this bug very seriously, and patch their systems ASAP.

" Patch " can mean different things to different people .... update Linux ? .... upgrade ?
If anyone can point me to the recommended action I would be most grateful ( and it would save me lots of time :) )

PS - I read the strangest thing about testing for this vulnerability in your own system.
And now I can't find the link again .... but it was something like :-
" if pressing backspace 26 times at the log-in causes a reboot , your kernel is vulnerable ".... I kid you not !

If I can find the link again I will post back
 
Last edited:

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top