Linux “Dirty COW” vulnerability

On 20th October 2016 it was announced that a serious security hole had been discovered in the Linux kernel which was already being actively exploited. This vulnerability has been dubbed "Dirty COW" due to the exploit using a race condition in the implementation of the copy-on-write mechanism. Although described as a local exploit the bug can be exploited via web frameworks such as WordPress so we consider this to be a critical remotely exploitable vulnerability.

DICE machines have been updated and rebooted to apply the fix. All users with self-managed machines MUST ensure their machines are running a kernel which is not exploitable via this vulnerability. All Linux distributions now have fixes available, see the "Dirty COW" website for details.

If you need advice or assistance with dealing with this issue please contact the Computing Team via our support form.

This entry was posted in Uncategorized. Bookmark the permalink.

Leave a Reply