[sf-lug] Holy COW Linux Bug, Batman!
Bobbie Sellers
bliss-sf4ever at dslextreme.com
Fri Oct 21 12:59:56 PDT 2016
Thanks Aaron,
I was trying to figure out a way to inform the list but
could not find the relevant citations about the problem
and the fix.
On my PCLinuxOS the fixed kernel 4.8.3 was waiting to
be put into use. I got the word thru my Usenet newsgroups.
Bobbie Sellers
On 10/21/2016 11:02 AM, aaronco36 wrote:
> The Dirty Cow Linux bug: A silly name for a serious problem[1]
>
> With attacks in the wild reported, you need to fix this Linux bug as soon as possible.
>
>
> Quoting article[1] author SJVN:
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Dirty Cow[2] is a silly name, but it's a serious Linux kernel problem. According to the Red Hat[3] bug report, "a race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system."
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>
> >From [2], if you're using Red Hat, Debian, Ubuntu and/or SUSE, you can find out further information on your specific distro's handling of the Dirty COW Linux bug CVE-2016-5195 at [4],[5],[6] and/or [7], respectively.
> -A
>
>
> References:
> ================
>
> [1]http://www.zdnet.com/article/the-dirty-cow-linux-security-bug-moos/
> [2]https://dirtycow.ninja/
> [3]https://www.redhat.com/en
> [4]https://access.redhat.com/security/cve/cve-2016-5195
> [5]https://security-tracker.debian.org/tracker/CVE-2016-5195
> [6]http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5195.html
> [7]https://www.suse.com/security/cve/CVE-2016-5195.html
>
> ================
>
>
>
> _____________________________________________________________
> Get your FREE, LinuxWaves.com Email Now! --> http://www.LinuxWaves.com
> Join Linux Discussions! --> http://Community.LinuxWaves.com
>
More information about the sf-lug
mailing list