Page 1 of 1

Dirty Cow ! - 9 yo Linux security issue

Posted: Fri Oct 21, 2016 4:05 pm
by Chrisax
http://dirtycow.ninja/

Dirty COW (CVE-2016-5195) is a very dangerous privilege escalation vulnerability in the Linux Kernel that is NINE years old and revealed only now and already exploited since no one knows when.

Linus Torvadl, "creator' of Linux reckons he was aware of the issue and tried to correct it but finally dropped the attempts of fixing.
https://lkml.org/lkml/2016/10/19/860

Watch your servers (but desktop computers under Linux too) and the incoming updates; not available on all Linux distributions still.


Article on Ars Technica
http://arstechnica.com/security/2016/10 ... e-exploit/

Re: Dirty Cow ! - 9 yo Linux security issue

Posted: Sat Oct 22, 2016 1:37 pm
by bitnykk
Interesting ; Dirty Mem + Copy On Write threading association toward a kernel failure ...
That said, even 9 yo, it didn't expose any server/client to be escalated.
Such hole can be only used by tried average level users on public multiuser machines ;)