Best Security Search
Security News

Critical Linux Kernel Security Bug Dirty Cow Discovered

The Linux Kernel Team has amended a critical security bug known as Dirty Cow that was only recently discovered. All users are advised to apply the latest updates as this is a zero-day issue.

The Linux kernel team has issued a security patch that updates the kernel code from a serious vulnerability. The zero-day bug was recently reported and became famous as Dirty Cow, assigned with an advisory identifier CVE-2016-5195. The shocking fact about the bug is that it has existed in the Linux source code since 2007 (version 3.9). The security researcher Phil Oester has notified Red Hat that some recent incidents have used software exploits that could have used the Dirty Cow attack. According to Linus Torvalds himself this is “an ancient bug that was actually attempted to be fixed once (badly) by me eleven years ago”.

The problem actually lies in a race condition in the way the kernel’s memory subsystems handles the copy-on-write (COW) breakage of private read-only memory mappings. This means that the tasks execute in an improper order which often leads to application crashes or the possibility for malicious users to exploit the bug and execute arbitrary remote code. The vulnerability allows attackers to attain root privileges which allows them to execute commands that can affect the operating system at every level. Security reports indicate that the bug allows attackers to become root (the system administrator) for less than five seconds by exploiting the vulnerability. This was tested on a live system with an unpatched kernel.

The Debian Security Team has already issued security patches for the affected packages in the distribution’s repositories while also adding that denial of service or information leaks can also be caused by Dirty Cow.

For more information you can read the announcement available here.

The Time of the Linux Bugs

At around the same time some other kernel were also amended. In the latest Debian kernel patch, the security team has also issued a patch that fixes a bug in the Bluetooth RFCOMM socket handling. An incorrect buffer allocation is also amended. In the past few months we have witnessed an increase in the number of Linux Kernel vulnerabilities. As the popularity of the Linux-based appliances continues to grow (especially among IoT devices) we are seeing that the open-source platforms will continue to be the system of choice for many products in the future as well.

As always, stay updated. And if you need more reassurement read our article which explains why its important to perform software updates.

Martin Beltov

Martin graduated with a degree in Publishing from Sofia University. As a cyber security enthusiast he enjoys writing about the latest threats and mechanisms of intrusion.