Description:
A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. All the information we have so far is included in this page.
The bug has existed since around kernel version 2.6.22 (released in 2007) and was fixed on Oct 18, 2016.
More Information per Operating System:
Before updating, please verify that your operating system vendor has released a patched version of your kernel.
Red Hat and CentOS:
https://access.redhat.com/security/vulnerabilities/2706661
Debian:
https://security-tracker.debian.org/tracker/CVE-2016-5195
Ubuntu:
https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5195.html
Is my system vulnerable?
For CentOS/Red Hat:
You can use a script provided by Red Hat to test your system.
Run:
wget https://access.redhat.com/sites/default/files/rh-cve-2016-5195_3.sh
bash rh-cve-2016-5195_3.sh
For Debian and Ubuntu:
If your kernel version is earlier than the following, you are affected:
Debian 7: 3.2.82-1
Debian 8: 3.16.36-1+deb8u2
Ubuntu 12.04 LTS: 3.2.0-113.155
Ubuntu 14.04 LTS: 3.13.0-100.147
Ubuntu 16.04 LTS: 4.4.0-45.66
Ubuntu 16.10: 4.8.0-26.28
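The version comparison above can be scripted. This is an added example, not part of the original article or a vendor tool; the function names and release keys (debian8, ubuntu16.04, ...) are hypothetical, the sample versions are constructed, and it assumes the distribution's stock kernel package.

```shell
#!/bin/sh
# Added example: compare a kernel package version with the fixed versions
# listed on this page for CVE-2016-5195. Function names are hypothetical.

# Print the fixed kernel package version for a release key (from the list above).
fixed_version() {
    case "$1" in
        debian7)     echo "3.2.82-1" ;;
        debian8)     echo "3.16.36-1+deb8u2" ;;
        ubuntu12.04) echo "3.2.0-113.155" ;;
        ubuntu14.04) echo "3.13.0-100.147" ;;
        ubuntu16.04) echo "4.4.0-45.66" ;;
        ubuntu16.10) echo "4.8.0-26.28" ;;
        *)           return 1 ;;
    esac
}

# Return 0 when version $1 sorts strictly before version $2.
version_lt() {
    [ "$1" = "$2" ] && return 1
    if command -v dpkg >/dev/null 2>&1; then
        dpkg --compare-versions "$1" lt "$2"
    else
        # Fallback: GNU sort -V, adequate for the version shapes listed above.
        [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
    fi
}

# Print "affected", "patched" or "unknown" for a release key and package version.
kernel_status() {
    fixed=$(fixed_version "$1") || { echo "unknown"; return 0; }
    if version_lt "$2" "$fixed"; then echo "affected"; else echo "patched"; fi
}

# On a live Debian/Ubuntu host, the running kernel's package version is:
#   dpkg-query -W -f='${Version}' "linux-image-$(uname -r)"
# Constructed sample versions (not taken from a real host):
while read -r rel ver; do
    echo "$rel $ver: $(kernel_status "$rel" "$ver")"
done <<'EOF'
debian8 3.16.36-1+deb8u1
ubuntu16.04 4.4.0-45.66
ubuntu14.04 3.13.0-98.145
EOF
```

A newly installed kernel only takes effect after a reboot, so check the package that matches `uname -r` rather than the newest package on disk.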
Resolution:
On CentOS and Red Hat Enterprise Linux:
Run:
yum clean all
yum install kernel
reboot
Note: for Smart Servers, replace the yum install kernel line with the following command:
yum update kernel-xen
On Ubuntu and Debian:
Run:
sudo apt-get update
sudo apt-get install linux-generic
reboot
We suggest that you subscribe to your operating system notification system at the following URLs:
Red Hat - RHSA-announce (http://www.redhat.com/mailman/listinfo/rhsa-announce)
CentOS - CentOS-announce (https://lists.centos.org/mailman/listinfo/centos-announce)
Ubuntu - ubuntu-security-announce (https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce)
Debian - debian-security-announce (https://lists.debian.org/debian-security-announce/)
References:
https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails
https://access.redhat.com/security/vulnerabilities/2706661
https://access.redhat.com/security/cve/cve-2016-5195
https://security-tracker.debian.org/tracker/CVE-2016-5195
https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5195.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5195