Critical Linux Kernel Flaw Being Exploited in the Wild


Corrine

A nine-year-old critical vulnerability has been discovered in virtually all versions of the Linux operating system and is actively being exploited in the wild.

 

Dubbed "Dirty COW," the Linux kernel security flaw (CVE-2016-5195) is a mere privilege-escalation vulnerability, but researchers are taking it extremely seriously due to many reasons.

 

First, it's very easy to develop exploits that work reliably. Secondly, the Dirty COW flaw exists in a section of the Linux kernel, which is a part of virtually every distro of the open-source operating system, including RedHat, Debian, and Ubuntu, released for almost a decade.

 

And most importantly, the researchers have discovered attack code that indicates the Dirty COW vulnerability is being actively exploited in the wild.

 

Dirty COW potentially allows any installed malicious app to gain administrative (root-level) access to a device and completely hijack it.

 

More at Dirty COW — Critical Linux Kernel Flaw Being Exploited in the Wild


Cluttermagnet

What a relief! (the local user part). I think we are safe in all our machines, then.

I doubt anyone would find us important enough to sneak into our houses.

 

I must have somewhere between 12-20 machines with Linux Mint on them.

Probably use 8-10 of those at least monthly, most of them daily.

 

BTW Hi, All. Been far too long...


According to the Manjaro forums, all supported kernels have already been patched in the Testing branch on that distro, with patches to enter the Stable branch soon.


V.T. Eric Layton

All systems are vulnerable when the physical device is exposed to unwanted fingers. I can break into and steal data from any of your Windows or Linux systems with nothing more than a portable USB Linux OS and a bit of space on it to save your data once I access it and steal it. Porteus mounts all partitions on a system as root by default when started from a USB. Your only protection would be if your files were encrypted. Even then, I could still get in and lock them down with my own encryption and then ransom them. Or I could just delete them.

 

I understand this flaw in the kernel we're talking about here is something that should never have been allowed and overlooked for so long, but I don't think it's anything near as dangerous as most of the FUD going around portends.

 

Happy computing! Oh, and watch out for those Internet of Things. They're going to come around and bite you in the ascii someday; just ask Dyn about that. ;)


All systems are vulnerable when the physical device is exposed to unwanted fingers. I can break into and steal data from any of your Windows or Linux systems with nothing more than a portable USB Linux OS and a bit of space on it to save your data once I access it and steal it. Porteus mounts all partitions on a system as root by default when started from a USB. Your only protection would be if your files were encrypted. Even then, I could still get in and lock them down with my own encryption and then ransom them. Or I could just delete them.

 

I understand this flaw in the kernel we're talking about here is something that should never have been allowed and overlooked for so long, but I don't think it's anything near as dangerous as most of the FUD going around portends.

 

Happy computing! Oh, and watch out for those Internet of Things. They're going to come around and bite you in the ascii someday; just ask Dyn about that. ;)

Heartily agree and second. I don't consider any security issue that involves physical access as critical. If people who should not have it already have access to the physical machine, that is the critical flaw; anything after that is "closing the barn doors after ..."

However, if the flaw only requires a remote login, then yeah, FUD it all out.


Happy computing! Oh, and watch out for those Internet of Things. They're going to come around and bite you in the ascii someday; just ask Dyn about that. ;)

I'm pretty sure that day has already come for Amazon, Netflix, etc.

V.T. Eric Layton

http://tinyurl.com/zkjght4 (Computer World article)

 

From the article linked above:

 

"Since this is a local privilege escalation flaw that cannot be directly exploited by remote attackers, it is only rated as high severity and not critical. To take advantage of it attackers need to first obtain limited access to a server in some other way, such as through another vulnerability."
