Dirty Cow Exploit (CVE-2016-5195)
Posted by Jeff H. on 27 October 2016 10:51 AM
Dirty Cow (CVE-2016-5195)
If you use rackAID's management services or managed hosting, relax. We fixed this already.
Dirty Cow is a kernel level exploit that can allow a local user possible gain access to the memory mappings of another program. With this access, the could potentially escalate their access. Security researchers have found this exploit in the wild via HTTP packet captures.
This is an exploit in the Linux kernel software. This is the core of the server's OS. Typically, you have to install a patch and reboot the server.
Fortunately, we use KSplice to manage all of our servers. This allows slipstream the patch without a reboot. In fact, the Ksplice guys (part of Oracle) pushed out the fix shortly after it was released.
For more info, I recommend you check out the web site setup by the researchers:
Note that any device, phone or computer running Linux is likely impacted. Be sure to watch out for updates to your phones, internet devices and any system that runs Linux.