A very serious security problem has been found in the Linux kernel. A 0-day local privilege escalation vulnerability has existed for eleven years since 2005. This bug affects all sort of of Android or Linux kernel to escalate privileges. This bug is named as Dirty COW (CVE-2016-5195) is a privilege escalation vulnerability in the Linux Kernel. Exploitation of this bug does not leave any trace of anything abnormal happening to the logs. So you can not detect if someone has exploited this against your server.
OpenVZ Users
No action needs to be taken, we have already patched our kernels inline.
KVM Users
All you will need to do is run an update via your package manager (yum/apt etc.). Please update your kernel immediately. Some repos still may not have the latest kernel/fixed packages available so keep trying every few hours. Please ensure you have rebooted after updating.
Reference:
https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails
http://www.cyberciti.biz/faq/dirtycow-linux-cve-2016-5195-kernel-local-privilege-escalation-vulnerability-fix/
- Saturday, October 22, 2016
