News

Developers fix old Linux vulnerability that could increase permissions

By admin
Spread the love

An exploit has emerged for a nine-year-old vulnerability in Linux that allows attackers to increase their local privileges. Developers have released a kernel fix to address the so-called Dirty COW vulnerability.

Dirty COW is a so-called privilege escalation vulnerability. This is due to the way the Linux kernel’s memory subsystem handles copy-on-write in private read-only mappings. This allows a user to gain write access to what should be read-only and thus increase their administrator privileges.

The bug has been in Linux since 2007 or from version 2.6.22, but it is only now getting attention. The discoverer, Phil Oester of Red Hat, has found that an exploit has been released for it and the vulnerability is therefore being abused ‘in the wild’. Oester told Ars Technica that ‘any user can get root in less than five seconds’. The site writes that exploits can be deployed, for example, through hosting companies that provide shell access or as part of another attack that gives access to a restricted system, and then gain root access.

The vulnerability has been designated CVE-2016-5195 and its own page with more details about the impact. The supported Linux kernel series 4.8, 4.7, and 4.4 have been re-released to address the issue. Red Hat, Debian and Ubuntu have also released fixes. The developers of the distros have rated the vulnerability as “important”.

You might also like
News

EU Council determines position on security requirements for digital products

News

Samsung develops first GDDR7 chips, mentions bandwidths of up to 32Gbit/s per pin

News

Nvidia releases GeForce RTX 4060 Ti variant with 16GB memory

News

Anticheat FaceIT gets Linux version, enables Steam Deck support

News

‘AMD wants to sell Radeon RX 7700 and RX 7800 series from September’

News

Acer also comes with Radeon video card with two different types of fans