Introduction:
On October 19, 2016, a privilege escalation vulnerability in the Linux kernel was disclosed. The bug is nicknamed Dirty COW because the underlying issue was a race condition in the way kernel handles copy-on-write (COW). Dirty COW has existed for a long time — at least since 2007, with kernel version 2.6.22 — so the vast majority of servers are at risk.
Dirty Cow works by creating a race condition in the way the Linux kernel’s memory subsystem handles copy-on-write (COW) breakage of private read-only memory mappings. This race condition can allow an unprivileged local user to gain write access to read-only memory mappings and, in turn, increase their privileges on the system.
Copy-on-write is a technique that allows a system to efficiently duplicate or copy a resource which is subject to modification. If a resource is copied but not modified, there’s no need to create a new resource; the resource can be shared between the copy and the original. In case of a modification, a new resource is created.
Check Vulnerability:
Ubuntu/Debian:
uname -rv You’ll see output like this:
4.4.0-42-generic #62-Ubuntu SMP Fri Oct 7 23:11:45 UTC 2016
If your version is earlier than the following, than your server is affected:
- 4.8.0-26.28 for Ubuntu 16.10
- 4.4.0-45.66 for Ubuntu 16.04 LTS
- 3.13.0-100.147 for Ubuntu 14.04 LTS
- 3.2.0-113.155 for Ubuntu 12.04 LTS
- 3.16.36-1+deb8u2 for Debian 8
- 3.2.82-1 for Debian 7
- 4.7.8-1 for Debian unstable
CentOS:
Download the below script and run in the server:
wget https://access.redhat.com/sites/default/files/rh-cve-2016-5195_1.sh
bash rh-cve-2016-5195_1.sh
If you’re vulnerable, you’ll see output like this:
Your kernel is 3.10.0-327.36.1.el7.x86_64 which IS vulnerable.
Red Hat recommends that you update your kernel. Alternatively, you can apply partial
mitigation described at https://access.redhat.com/security/vulnerabilities/2706661 .
Fix Vulnerability:
On Ubuntu and Debian, upgrade your packages using apt-get.
sudo apt-get update && sudo apt-get dist-upgrade
You can update all of your packages on CentOS 5, 6, and 7 with sudo yum update, but if you only want to update the kernel to address this bug, run:
sudo yum update kernel
After updating kernel, reboot the server ( Execute reboot in the server).
Thank you.
My name is Shashank Shekhar. I am a DevOps Engineer, currently working in one of the best companies in India. I am having around 5 years of experience in Linux Server Administration and DevOps tools.
I love to work in Linux environment & love learning new things.
Powered by Facebook Comments
Hi there this is kinda of off topic but I was wanting to know if blogs use WYSIWYG editors or if you have to manually code with HTML.
I’m starting a blog soon but have no coding know-how so
I wanted to get guidance from someone with experience.
Any help would be enormously appreciated!
Hi,
Thanks you for your reply.
I am using CMS for my blog. If you would like to create a blog, then you can do this by installing a CMS (WordPress, Joomla, Drupal, etc.) in your site and make your post (As this is a easy way, you do need to have a knowledge of coding.) You can also use different theme for your site to make the look the site impressive. I am not using WYSIWYG editor. I simply write the post in plain text and make the post. Let me know if you have any query. 🙂