Security Update:Linux Kernel Vulnerability Named Dirty COW Exploit Actively Being Exploited
Date and Time
Linux Operating System Users
The United States Computer Emergency Readiness team (US-CERT) reports being aware of a Linux kernel vulnerability named Dirty COW exploit, due to how the flaw affects the Copy-On-Write (COW) mechanism on the Linux kernel.
Advanced Users: For a complete description of the vulnerability and affected versions visit Dirty COW (CVE-2016-5195) at https://dirtycow.ninja/.
- Linux operating systems
- Refer to your Linux or Unix-based OS vendor
WHAT'S THE PROBLEM?
Even though this exploit has existed for several years now, there are reports it is actively being exploited. An attacker exploiting the flaw could elevate their privileges on the system and take control of an affected device.
WHAT DO I NEED TO DO?
Upgrade your software
For additional details, US-CERT recommends that users and administrators review the:
- Red Hat CVE Database at https://access.redhat.com/security/cve/cve-2016-5195
- Canoical Ubuntu CVE Tracker at http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5195.html
- CERT Vulnerability Note VU#243144 at https://www.kb.cert.org/vuls/id/243144
- Also refer to your Linux or Unix-based OS vendors for appropriate patches
- IT Security - http://it.ucsf.edu/security