Developers fix old Linux vulnerability that could increase permissions
An exploit has emerged for a nine-year-old vulnerability in Linux that allows attackers to increase their local privileges. Developers have released a kernel fix to address the so-called Dirty COW vulnerability.
Dirty COW is a so-called privilege escalation vulnerability. This is due to the way the Linux kernel’s memory subsystem handles copy-on-write in private read-only mappings. This allows a user to gain write access to what should be read-only and thus increase their administrator privileges.
The bug has been in Linux since 2007 or from version 2.6.22, but it is only now getting attention. The discoverer, Phil Oester of Red Hat, has found that an exploit has been released for it and the vulnerability is therefore being abused ‘in the wild’. Oester told Ars Technica that ‘any user can get root in less than five seconds’. The site writes that exploits can be deployed, for example, through hosting companies that provide shell access or as part of another attack that gives access to a restricted system, and then gain root access.
The vulnerability has been designated CVE-2016-5195 and its own page with more details about the impact. The supported Linux kernel series 4.8, 4.7, and 4.4 have been re-released to address the issue. Red Hat, Debian and Ubuntu have also released fixes. The developers of the distros have rated the vulnerability as “important”.