Dirty COW Linux vulnerability - what you need to know


steven36


Offal bug found in Linux.

 


 

What is Dirty COW?
It's the name given to a newly discovered vulnerability in virtually all versions of the Linux operating system. More accurately it should be referred to as CVE-2016-5195 - but where is the fun in that?

 

But why Dirty COW?
According to the researchers who found the flaw, and created a website to share information about it:
 

Quote


"A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system."

 

 

Essentially it means that - if the vulnerability is left unpatched - if a local user can read a file, they can also write to it. Ouch!

 

So this is a privilege escalation vulnerability, rather than a potentially more dangerous code execution vulnerability?


Right. But don't let that thought lure you into resting on your laurels, as researchers claim they have found an in-the-wild exploit using the vulnerability.

 

Okay. Is this a new vulnerability?


Umm.. unfortunately not. Although it has only recently been uncovered, it appears that the flaw has been present in the Linux kernel for going on nine years.

 

Sheesh.. isn't the whole point of open source software that it's available for anyone to review, find bugs, etc...? How come this wasn't spotted and fixed earlier?


Good question.

 

Just earlier this week, research was published claiming that Linux bugs have a typical lifetime of approximately five years.

 

I run Red Hat / Debian / Ubuntu. Where can I find out more about what I should be doing?


That's easy.


Anything else?
Be sure to check out the official Dirty COW website (yes, they have a website as well as a Twitter account, and the now obligatory vulnerability logo) at http://dirtycow.ninja/

 

Source:

https://www.grahamcluley.com/dirty-cow-linux-vulnerability-need-know/

 

 

 

Link to comment
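
The copy-on-write guarantee that the quoted description says is broken, shown as an added example (not part of the original post or the linked article): a store into a `MAP_PRIVATE` mapping of a file opened read-only must stay in the process's own copy and never reach the file. The function name, temporary path and file contents are constructed for the illustration.

```c
#define _XOPEN_SOURCE 700
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Returns 1 if a write through a MAP_PRIVATE mapping stayed out of the
 * backing file, 0 if the file changed, -1 on a setup error.
 * The temporary file and its contents are constructed for this demo. */
int private_write_stays_private(void)
{
    static const char original[] = "read-only data";
    char path[] = "/tmp/cow_demo_XXXXXX";
    char on_disk[sizeof original] = {0};
    int result = -1;
    int wfd = mkstemp(path);
    if (wfd < 0) return -1;
    ssize_t n = write(wfd, original, sizeof original);
    close(wfd);

    /* Reopen read-only: from here on the process has no write access. */
    int fd = (n == (ssize_t)sizeof original) ? open(path, O_RDONLY) : -1;
    if (fd >= 0) {
        /* A private mapping may be writable even on a read-only fd,
         * because stores are meant to land in a per-process copy. */
        char *map = mmap(NULL, sizeof original, PROT_READ | PROT_WRITE,
                         MAP_PRIVATE, fd, 0);
        if (map != MAP_FAILED) {
            memcpy(map, "MODIFIED", 8);   /* first store triggers the COW fault */
            int in_map = memcmp(map, "MODIFIED", 8) == 0;
            if (pread(fd, on_disk, sizeof on_disk, 0) == (ssize_t)sizeof on_disk)
                result = in_map && memcmp(on_disk, original, sizeof original) == 0;
            munmap(map, sizeof original);
        }
        close(fd);
    }
    unlink(path);
    return result;
}

int main(void)
{
    int r = private_write_stays_private();
    printf("file unchanged after private write: %s\n",
           r == 1 ? "yes" : r == 0 ? "NO" : "setup error");
    return r == 1 ? 0 : 1;
}
```

This only shows the invariant; it does not test whether a kernel carries the CVE-2016-5195 fix, which has to be confirmed from the distribution's kernel package changelog.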

What is so messed up about this bug: Linus Torvalds knew about this bug eleven years ago and they fixed it once, but the patch came undone. The band-aid fell off. Mooooooo. The Zombie Cow came back to life. :P

Quote


Linus Torvalds <[email protected]>

 

mm: remove gup_flags FOLL_WRITE games from __get_user_pages()
This is an ancient bug that was actually attempted to be fixed once (badly) by me eleven years ago in commit 4ceb5db9757a ("Fix get_user_pages() race for write access") but that was then undone due to problems on s390 by commit f33ea7f404e5 ("fix get_user_pages bug").
 
In the meantime, the s390 situation has long been fixed, and we can now fix it by checking the pte_dirty() bit properly (and do it better). The s390 dirty bit was implemented in abf09bed3cce ("s390/mm: implement software dirty bits") which made it into v3.9. Earlier kernels will have to look at the page state itself. Also, the VM has become more scalable, and what used to be a purely theoretical race back then has become easier to trigger. To fix it, we introduce a new internal FOLL_COW flag to mark the "yes, we already did a COW" rather than play racy games with FOLL_WRITE that is very fundamental, and then use the pte dirty flag to validate that the FOLL_COW flag is still valid.
 
Reported-and-tested-by: Phil "not Paul" Oester <[email protected]>
Acked-by: Hugh Dickins <[email protected]>
Reviewed-by: Michal Hocko <[email protected]>
Cc: Andy Lutomirski <[email protected]>
Cc: Kees Cook <[email protected]>
Cc: Oleg Nesterov <[email protected]>
Cc: Willy Tarreau <[email protected]>
Cc: Nick Piggin <[email protected]>
Cc: Greg Thelen <[email protected]>
Cc: [email protected]
Signed-off-by: Linus Torvalds <[email protected]>

 

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619

I already patched it on this system I'm on now with Linux Mint 17.3. I use LTS kernel 3.13, which gets updates until 2019. It's the only kernel where the open source drivers work right on my AMD hardware. I used newer ones before, but I had to use closed source Catalyst to fix it; now I just use the open source ones.

https://launchpad.net/ubuntu/+source/linux/3.13.0-100.147

 


 

I wonder when Android will get this patch, 2020-2025? :P

 

 

 

Link to comment