Linux Dirty CoW vulnerability (CVE-2016-5195)

Andrew -

Overview

A recent vulnerability was discovered in the Linux kernel dating all the way back to 2007 that can allow an attacker to modify files that should only be writable by root, thus allowing for privilege escalation.

In order to attack the system, the attacker must have an existing shell login (such as an unprivileged user account) in order to then escalate their privileges. More information about the specifics of the vulnerability are available here.

The vulnerability has since been patched by the Linux kernel developers and all major distributions have offered these patches as updated via their package managers. Details are available for RHEL, Debian and Ubuntu. Currently, CentOS has yet to make an update package available but a workaround is offered here.

Updating servers

Please note that in order for the updated kernel to take effect, you must reboot your server after the upgrade. Otherwise, the patch will not apply until the next reboot when the new kernel is loaded.

Debian or Ubuntu

sudo apt-get update && sudo apt-get dist-upgrade
sudo reboot

Red Hat Enterprise Linux

sudo yum update kernel
sudo reboot

Conclusion

Here at vGRID we take security very seriously. If you have any questions or concerns, feel free to contact us at support@vgrid.nz.

Have more questions? Submit a request

0 Comments

Please sign in to leave a comment.
Powered by Zendesk