Dirty COW (CVE-2016-5195) is a local privilege escalation vulnerability. Do not ignore this bug.

A race condition was found in the way the Linux kernel’s memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. A local unprivileged user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system. In other words, the normal user can overwrite files they are allowed just to read it. For example, /etc/passwd can be edited or deleted by a normal user. The vulnerability easily exploited with a local shell account.

How old is this bug?

I can not belive, but bug existed for in the kernel for eleven years, to give normal users full root access.

How do I fix my server or desktop powered by Linux?

Apply fix ASAP:

If you just want the Kernel patch to go here.

What about my Android phone?

You need to wait to get an update (also known as firmware ROM) from your phone manufacturer.

In Category: Link

Vivek Gite

Vivek Gite, nixCraft creator, and professional Unix sysadmin/DevOps is obsessed with optimizing the servers and making sure data center stays online 24x7.

Show 0 Comments
No comments yet. Be the first.

Leave a Comment