Dirty COW Vulnerability, what you should do?

dirty cow bugAll the media has talked about it…On October 19, 2016, a privilege escalation vulnerability in the Linux kernel was disclosed under the name of Dirty COW. A 9 years old vulnerability…(With the kernel 2.6.22) impacting a large number of Linux servers.

 

So what is it and how to fix it?
The issue come from how the kernel handles Copy-On-Write (COW, so, nothing about cows).
It is basically a privilege-escalation bug. This vulnerability allows for escalating the privilege of a user space process, granting it super user privileges. Users can gain write-access to memory mappings that are normally set to read-only.
Very dangerous then!

dirty-cow-the-most-dangerous-linux-bug-patched

 

Fixing it should be straightforward as most distributions have released a fix, in a new kernel.
You should still check for your kernel version:

uname –rv

If your version is earlier than the following, you are affected:
• 4.8.0-26.28 for Ubuntu 16.10
• 4.4.0-45.66 for Ubuntu 16.04 LTS
• 3.13.0-100.147 for Ubuntu 14.04 LTS
• 3.2.0-113.155 for Ubuntu 12.04 LTS
• 3.16.36-1+deb8u2 for Debian 8
• 3.2.82-1 for Debian 7
• 4.7.8-1 for Debian unstable

If it is the case, you should immediately update your system:

sudo apt-get update && sudo apt-get dist-upgrade

And then make sure it has upgraded your kernel.

uname –rv

If done, simply reboot your system to boot on the new kernel.

sudo reboot

 

Pheww!!

Gravatar

Loves to discover web-based apps to install on his own server@home and write articles about it

0 Comments:

Add a comment