Uncategorized

Dirty COW Linux security issue

From the OSS-Security list, some details on a new “Dirty COW” Linux security issue:

CVE-2016-5195 “Dirty COW” Linux kernel privilege escalation vulnerability

This was brought to the linux-distros list (and briefly inadvertently to the distros list, although discussion continued on linux-distros only) on October 13 and it was made public yesterday, so it must be in here as well.  Unfortunately, no one posted about it in here so far (the person who brought this to [linux-]distros must have done so!), and I don’t have time to make a proper posting (with full detail in the message itself, as per oss-security list content guidelines), but I figured it’s better for me to post something than nothing at all.

Red Hat’s description:

“A race condition was found in the way the Linux kernel’s memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings.  An unprivileged local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.”

https://access.redhat.com/security/cve/cve-2016-5195
https://bugzilla.redhat.com/show_bug.cgi?id=1384344
https://security-tracker.debian.org/tracker/CVE-2016-5195
http://www.v3.co.uk/v3-uk/news/2474845/linux-users-urged-to-protect-against-dirty-cow-security-flaw
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619
https://lkml.org/lkml/2016/10/19/860
https://dirtycow.ninja
https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails

https://www.us-cert.gov/ncas/current-activity/2016/10/21/Linux-Kernel-Vulnerability

Standard

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s