Dirty COW

For the television show, see Dirty Cows.

Logo for Dirty COW

Dirty COW (Dirty copy-on-write) is a computer security vulnerability for the Linux kernel that affects all Linux-based operating systems including Android. It is a local privilege escalation bug that exploits a race condition in the implementation of the copy-on-write mechanism.^[1]^[2] The bug has been lurking in the Linux kernel since version 2.6.22 (released in September 2007), and has been actively exploited at least since October 2016.^[2] The bug has been patched in Linux kernel versions 4.8.3, 4.7.9, 4.4.26 and newer.

Although it is a local privilege escalation bug, remote attackers can use it in conjunction with other exploits that allow remote execution of non-privileged code to achieve remote root access on a computer.^[1] The attack itself does not leave traces in the system log.^[2]

It has the CVE designation CVE-2016-5195.^[3] The Debian operating system distribution has announced that it has released a patch for the vulnerability.^[4] Dirty Cow was one of the first security issues transparently fixed in Ubuntu by the Canonical Live Patch service.^[5]

It has been demonstrated that the bug can be utilized to root any Android device up to Android version 7.^[6]

References

1 2 Goodin, Dan (2016-10-20). ""Most serious" Linux privilege-escalation bug ever is under active exploit (updated)". Ars Technica. Retrieved 2016-10-21.
1 2 3 Vaughan-Nichols, Steven J. "The Dirty Cow Linux bug: A silly name for a serious problem". ZDNet. Retrieved 2016-10-21.
↑ "Kernel Local Privilege Escalation - CVE-2016-5195 - Red Hat Customer Portal". access.redhat.com. Retrieved 2016-10-21.
↑ "CVE-2016-5195". security-tracker.debian.org. Retrieved 2016-10-21.
↑ "LSN-0012-1 Linux kernel vulnerability". Ubuntu Security mailing list. October 20, 2016.
↑ "Android phones rooted by "most serious" Linux escalation bug ever". Ars Technica. October 24, 2016.

External links

Hacking in the 2010s

Major incidents	Operation Aurora (2010) Australian cyberattacks (2010) Operation Payback (2010) HBGary Federal (2011) DigiNotar (2011) RSA SecurID compromise (2011) Operation Tunisia (2011) 2011 PlayStation Network outage (2011) Operation AntiSec (2011) Stratfor email leak (2012–13) LinkedIn hack (2012) South Korea cyberattack (2013) Snapchat hack (2013) Operation Tovar (2014) iCloud leaks of celebrity photos (2014) Sony Pictures hack (2014) Yahoo! data breach (2014) Office of Personnel Management data breach (2015) Hacking Team (2015) Ashley Madison data breach (2015) VTech data breach (2015) Bangladesh Bank heist (2016) Commission on Elections data breach (2016) Democratic National Committee cyber attacks (2016) DCCC cyber attacks (2016) Dyn cyberattack (2016)

Groups	Anonymous associated events Bureau 121 Cozy Bear CyberBerkut Derp Equation Group Fancy Bear GNAA Goatse Security Hacking Team Iranian Cyber Army Lizard Squad LulzRaft LulzSec New World Hackers NullCrew NSO Group PayPal 14 PLA Unit 61398 Pranknet RedHack The Shadow Brokers Syrian Electronic Army TeaMp0isoN Tailored Access Operations UGNazi Yemen Cyber Army

Individuals	George Hotz Guccifer Guccifer 2.0 Hector Monsegur Jeremy Hammond Junaid Hussain Kristoffer von Hassel Mustafa Al-Bassam MLT Ryan Ackroyd Topiary The Jester weev

Vulnerabilities discovered	Heartbleed (2014) Shellshock (2014) POODLE (2014) Rootpipe (2014) JASBUG (2015) Stagefright (2015) DROWN (2016) Badlock (2016) Dirty COW (2016) BlackNurse (Computer Security) (2016)

Malware	Careto / The Mask CryptoLocker Dexter Duqu Duqu 2.0 FinFisher Flame Gameover ZeuS Mahdi Metulji botnet NSA ANT catalog Pegasus R2D2 Shamoon Stars virus Stuxnet XAgent

This article is issued from Wikipedia - version of the 11/8/2016. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.