Linux Copy on – Write (COW) Dirty COW CVE-2016-5195 | bigdba.com

Linux Copy on – Write (COW) Dirty COW CVE-2016-5195

First of all, Hello to everyone,
I have not been writing for a long time, I wanted to return with remarkable information. Dirty Cow is known as a privilege-escalation error. Dirty Cow was named after the research of the Red Hat firm because of the copy-on-write (COW) mechanism in the Linux Kernel mechanism. ). in other words, it is a system threat for mapping only readable memory. In this way, any malicious attacker can exploit the error by providing write access to the system’s read-only files.

Name of the Vulnerability: DirtyCOW Linux Authorization Upgrade Vulnerability

CVE / CWE (Common Vulnerabilities and Exposures)

Impact: Vulnerability affecting GNU / Linux distributions and variants Copy-On-Write (COW), one of the lnux subsystems, is only caused by an open state on the system for mapping readable memory. The vulnerability allows the attacker who has access to the local user level in any way on the system to upgrade his authority to root authority. Vulnerability on Linux systems is very important because the root user is fully authorized in all processes.

The kernel versions of the threat are as follows.
Versions: 2.6.22 – 4.4.1

You can check the kernel version on your system with the command below.

uname -r

If your version is lower than the above versions, you should update your kernel for your security.

Update Examples
For CentOS and RedHat;

$ yum –y update kernel
For Debian and Ubuntu;

apt-get update
apt-get upgrade

Additional information and references;
https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-5195
https://dirtycow.ninja/

In the following video there is a detailed description;


Comments