UPDATED 14:15 EDT / OCTOBER 21 2016

New ‘Dirty Cow’ vulnerability threatens Linux systems

The broad developer participation in leading open-source projects such as Linux creates plenty of opportunities to catch security problems. However, some bugs still fall through the cracks every now and then.

The latest addition to the list is a “privilege escalation” vulnerability called “Dirty Cow,” or CVE-2016-5195 by its official designation, that started its life over a decade ago in an antiquated release of the Linux kernel. Creator Linus Torvalds explained on the official project site that the bug only posed a “theoretical” threat at the time, but he still opted to fix it out of precaution. But the vulnerability reemerged a few months later when another developer accidentally unraveled Torvalds’ work in an attempt to patch a separate problem.

Fast forward to this week, and Red Hat Inc. is warning customers that hackers are actively exploiting Dirty Cow to attack Linux systems. Black Duck Inc. senior security researcher Chris Jess explained that the vulnerability makes it possible to bypass the permission management mechanisms in the kernel and edit files that are normally off limits, including operating system components. It can thus be used to grant root-level system access to a malicious application or user without leaving any trace of the breach in an installation’s logs.

On the bright side, however, Dirty Cow still isn’t considered as severe as Heartbleed and some of the other high-profile vulnerabilities that have made headlines in recent years. The reason is that exploiting the bug requires the ability to directly execute commands on an affected Linux system. In other words, a hacker would need to take advantage of a separate security issue to compromise their target device before they can exploit Dirty Cow to gain root access. And even then, they’d still be limited to the specific virtual machine or container in which they executed the malicious code.

But Dirty Cow is still severe enough to require immediate action from organizations. Patches are already available for RHEL, Debian, Ubuntu and other popular Linux flavors, while a number of other distributors are reportedly also working to implement a fix. More information can be found on the official website that Phil Oester, the security researcher who discovered Dirty Cow, set up to inform the Linux community about the issue.
