Serious Linux kernel vulnerability patched

As amusing as it may sound, the recently-patched ‘Dirty Cow’ Linux kernel vulnerability (CVE-2016-5195) highlights a couple of important points:

  • vulnerabilities – even known ones – can remain unpatched in critical software for years; and
  • a misconfigured server that allows uploaded files to be executed is easily hacked.

At first glance, the Dirty Cow vulnerability may not seem particularly noteworthy. It doesn’t directly allow for arbitrary code execution. But it does allow an attacker who already has the ability to run arbitrary code on a target system to gain full access to that system via privilege escalation.

A Linux server that allows user uploads of any kind is normally configured so that uploaded files cannot be executed. However, it’s very easy to get this wrong, especially for web servers. Still, in most cases, being able to run an uploaded file remotely isn’t enough to provide the kind of access attackers want. Dirty Cow provides that access.

Anyone running a Linux server is strongly advised to install the available kernel updates for Dirty Cow immediately.

About jrivett

Jeff Rivett has worked with and written about computers since the early 1980s. His first computer was an Apple II+, built by his father and heavily customized. Jeff's writing appeared in Computist Magazine in the 1980s, and he created and sold a game utility (Ultimaker 2, reviewed in the December 1983 Washington Apple Pi Journal) to international markets during the same period. Proceeds from writing, software sales, and contract programming gigs paid his way through university, earning him a Bachelor of Science (Computer Science) degree at UWO. Jeff went on to work as a programmer, sysadmin, and manager in various industries. There's more on the About page, and on the Jeff Rivett Consulting site.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.