Dirty Cow ! - 9 yo Linux security issue

Many AP members are knowledgeable about computers. Ask questions and share your knowledge here. (Information are supplied without any guarantee. Do not open any URL or file not posted by someone you know.) (All users can read)
Post Reply
User avatar
Chrisax
President
Posts: 23045
Joined: Wed Apr 19, 2006 1:08 pm

Dirty Cow ! - 9 yo Linux security issue

Post by Chrisax »

http://dirtycow.ninja/

Dirty COW (CVE-2016-5195) is a very dangerous privilege escalation vulnerability in the Linux Kernel that is NINE years old and revealed only now and already exploited since no one knows when.

Linus Torvadl, "creator' of Linux reckons he was aware of the issue and tried to correct it but finally dropped the attempts of fixing.
https://lkml.org/lkml/2016/10/19/860

Watch your servers (but desktop computers under Linux too) and the incoming updates; not available on all Linux distributions still.


Article on Ars Technica
http://arstechnica.com/security/2016/10 ... e-exploit/
bitnykk
Leetissimo!
Posts: 1311
Joined: Thu Sep 02, 2010 9:16 pm

Re: Dirty Cow ! - 9 yo Linux security issue

Post by bitnykk »

Interesting ; Dirty Mem + Copy On Write threading association toward a kernel failure ...
That said, even 9 yo, it didn't expose any server/client to be escalated.
Such hole can be only used by tried average level users on public multiuser machines ;)
Post Reply