UPDATED 14:15 EDT / OCTOBER 21 2016

APPS

New ‘Dirty Cow’ vulnerability threatens Linux systems

The broad developer participation in leading open-source projects such as Linux creates plenty of opportunities to catch security problems. However, some bugs still fall through the cracks every now and then.

The latest addition to the list is a “privilege escalation” vulnerability called “Dirty Cow,” or CVE-2016-5195 by its official designation, that started its life over a decade ago in an antiquated release of the Linux kernel. Creator Linus Torvalds explained on the official project site that the bug only posed a “theoretical” threat at the time, but he still opted to fix it out of precaution. But the vulnerability reemerged a few months later when another developer accidentally unraveled Torvalds’ work in an attempt to patch a separate problem.

Fast forward to this week, and Red Hat Inc. is warning customers that hackers are actively exploiting Dirty Cow to attack Linux systems. Black Duck Inc. senior security researcher Chris Jess explained that the vulnerability makes it possible to bypass the permission management mechanisms in the kernel and edit files that are normally off limits, including operating system components. It can thus be used to grant root-level system access to a malicious application or user without leaving any trace of the breach in an installation’s logs.

On the bright side, however, Dirty Cow still isn’t considered as severe as Heartbleed and some of other high-profile vulnerabilities that have made headlines in recent years. The reason is that exploiting the bug requires the ability to directly execute commands on an affected Linux system. In other words, a hacker would need to take advantage of a separate security issue to compromise their target device before they can exploit Dirty Cow to gain root access. And even then, they’d still be limited to the specific virtual machine or container in which they executed the malicious code.

But Dirty Cow is still severe enough to require immediate action from organizations. Patches are already available for RHEL, Debian and Ubuntu and other popular Linux flavors while a number of other distributors are reportedly also working to implement a fix. More information can be found on the official website that Phil Oester, the security researcher who discovered Dirty Cow,  set up to inform the Linux community about the issue.

Image via Dirty Cow

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU