it.ucsf.edu

Security Update:Linux Kernel Vulnerability Named Dirty COW Exploit Actively Being Exploited

Status Type

Security Update

Date and Time

Monday, October 24, 2016 - 13:15

Reason

Security Update

Impact

Linux Operating System Users

 

WHAT HAPPENED?
The United States Computer Emergency Readiness team (US-CERT) reports being aware of a Linux kernel vulnerability named Dirty COW exploit, due to how the flaw affects the Copy-On-Write (COW) mechanism on the Linux kernel.

Advanced Users: For a complete description of the vulnerability and affected versions visit Dirty COW (CVE-2016-5195) at https://dirtycow.ninja/.


AFFECTED SOFTWARE

  • Linux operating systems
  • Refer to your Linux or Unix-based OS vendor


WHAT'S THE PROBLEM?
Even though this exploit has existed for several years now, there are reports it is actively being exploited. An attacker exploiting the flaw could elevate their privileges on the system and take control of an affected device.

WHAT DO I NEED TO DO?
Upgrade your software
For additional details, US-CERT recommends that users and administrators review the:


RELATED LINKS