Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Dirty COW Critical Linux Kernel Flaw Being Exploited in the Wild


  • Please log in to reply
2 replies to this topic

#1 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 12,392 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:12:38 AM

Posted 21 October 2016 - 02:58 PM

 

A nine-year-old critical vulnerability has been discovered in virtually all versions of the Linux operating system and is actively being exploited in the wild.

Dubbed "Dirty COW," the Linux kernel security flaw (CVE-2016-5195) is a mere privilege-escalation vulnerability, but researchers are taking it extremely seriously due to many reasons.

First, it's very easy to develop exploits that work reliably. Secondly, the Dirty COW flaw exists in a section of the Linux kernel, which is a part of virtually every distro of the open-source operating system, including RedHat, Debian, and Ubuntu, released for almost a decade.
 

And most importantly, the researchers have discovered attack code that indicates the Dirty COW vulnerability is being actively exploited in the wild.

Dirty COW potentially allows any installed malicious app to gain administrative (root-level) access to a device and completely hijack it.

 

 

 

Dirty COW — Critical Linux Kernel Flaw Being Exploited in the Wild



BC AdBot (Login to Remove)

 


#2 MadmanRB

MadmanRB

    Spoon!!!!


  • Members
  • 2,613 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:No time for that when there is evil afoot!
  • Local time:10:38 AM

Posted 21 October 2016 - 03:00 PM

Well time for patches, sure it took 9 years but better late than never.


You know you want me baby!

Proud Linux user and dual booter.

Proud Vivaldi user.

 

ljxaqg-6.png


#3 Guest_GNULINUX_*

Guest_GNULINUX_*

  • Guests
  • OFFLINE
  •  

Posted 21 October 2016 - 03:32 PM

 All you have to know, without all the click-bait...

Description
Race condition in copy-on-write breakage of private read-only memory
mappings.

Ubuntu-Description
It was discovered that a race condition existed in the memory manager of
the Linux kernel when handling copy-on-write breakage of private read-only
memory mappings. A local attacker could use this to gain administrative
privileges.

Source.

Patched!  B)






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users