Our Blog

Computer Security Vulnerability – Dirty COW (Dirty Copy-On-Write)

Posted by:

The vulnerability called “Dirty Cow” exploits a mechanism called copy-on-write. It allows an attacker to gain privilege escalation on the Linux Kernel. The bug has been lurking in the Linux Kernel since version 2.6.22 (released in Sept 2007) and has been actively exploited, at least since Oct 2016.

It is a race condition  found in Linux Kernel’s memory subsystem. This vulnerability allows the user to override protected files that are owned by the system.

Primarily, all users of Linux and/or Android system are  highly effected.

Consequences of Dirty Cow

  1. Since the vulnerability has been in the Linux Kernel for a long time, it’s easy to exploit.
  2. As it is impossible for antivirus and security software to detect this vulnerability,  once exploited, there is no evidence of what actions have been taken.
  3. It gives an attacker full control over the system, to install malware and steal data.

Problems

  • Dirty cow vulnerability opens up many pathways  for attackers.
  • Although it is a local privilege escalation, big remote attackers can use it in conjunction with other exploited code.
  • This will allow the remote execution of a non-privileged code to achieve remote root access on a computer.

In other words, an unprivileged user can gain full control of a Linux system through an exploited code.

Solution

Linux system admins need to ensure that older systems are patched and updated. As  patch for the Dirty Cow vulnerability does exist.  Newer versions of Linux has  been patched.

  1. 24/7 network engineers have patched all the servers of its clients and company from this vulnerability.
  2. 24/7 network engineers have also ensured all of the Linux Operating Systems to be patched against this vulnerability.
0


Add a Comment

Time limit is exhausted. Please reload CAPTCHA.

# #