centurylink

2016-10-20 Dirty COW (CVE-2016-5195): Privilege escalation vulnerability in the Linux Kernel

CVE-2016-5195: A race condition was found in the way the Linux kernel’s memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.

This could be abused by an attacker to modify existing setuid files with instructions to elevate privileges.

Find more information about the issue.

Affected platforms

Ubuntu

Run the following command:

$ uname -r

You should see output like this one:

3.13.0-100-generic

or this one:

4.4.0-45-generic

These are patched versions of the kernel.

Debian

Run the following command:

$ uname -v

You should see output like this:

3.16.36-1+deb8u2

This is a patched version of the kernel.

Oracle Linux

Run the following command:

$ uname -r

You should see output like this:

4.1.12-61.1.16.el6uek.x86_64

This is a patched version of the kernel.

Red Hat and CentOS

Run the following command:

$ uname -r

You should see output like this:

3.10.0-327.36.3.el7.x86_64

This is a patched version of the kernel.

Amazon Linux

Run the following command:

$ uname -r

You should see output like this:

4.4.23-31.54.amzn1.x86_64

This is a patched version of the kernel.
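
The per-platform checks above can be scripted. The following is an added example, not part of the original advisory: it compares a kernel version string with the patched builds listed on this page. As an assumption that goes beyond the page, it treats a same-or-newer build in the same major.minor kernel series as patched and reports any series the page does not list as unknown. The function names and platform keys (ubuntu, debian, oracle, rhel, amazon) are hypothetical.

```sh
#!/bin/sh
# Added example (not from the original page). Function names are hypothetical.

# Patched builds quoted on this page, keyed by "platform:major.minor".
fixed_build() {
    case "$1:$2" in
        ubuntu:3.13) echo "3.13.0-100-generic" ;;
        ubuntu:4.4)  echo "4.4.0-45-generic" ;;
        debian:3.16) echo "3.16.36-1+deb8u2" ;;
        oracle:4.1)  echo "4.1.12-61.1.16.el6uek.x86_64" ;;
        rhel:3.10)   echo "3.10.0-327.36.3.el7.x86_64" ;;
        amazon:4.4)  echo "4.4.23-31.54.amzn1.x86_64" ;;
        *) return 1 ;;   # kernel series not listed on the page
    esac
}

# Keep only the leading numeric fields, dot-separated:
# "3.10.0-327.36.3.el7.x86_64" -> "3.10.0.327.36.3". Debian's "+deb8u2" is
# folded in as ".8.2"; a "... Debian " prefix from uname -v is dropped
# (assumed layout of the full uname -v string).
numeric_fields() {
    printf '%s\n' "$1" | sed -e 's/^.*Debian //' \
        -e 's/+deb\([0-9]*\)u\([0-9]*\)/.\1.\2/' \
        -e 's/^\([0-9][0-9.-]*\).*/\1/' -e 's/[.-]*$//' -e 's/-/./g'
}

# Succeeds when dotted version $1 >= $2; missing fields count as 0.
version_ge() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        n = split(a, x, "."); m = split(b, y, ".")
        for (i = 1; i <= (n > m ? n : m); i++)
            if (x[i] + 0 != y[i] + 0) exit !(x[i] + 0 > y[i] + 0)
        exit 0
    }'
}

# Prints patched | vulnerable | unknown for platform $1, version string $2.
dirtycow_status() {
    run=$(numeric_fields "$2")
    series=$(printf '%s\n' "$run" | cut -d. -f1,2)
    fixed=$(fixed_build "$1" "$series") || { echo unknown; return 0; }
    if version_ge "$run" "$(numeric_fields "$fixed")"; then
        echo patched
    else
        echo vulnerable
    fi
}

# Constructed sample input; on a live host pass "$(uname -r)" instead.
dirtycow_status rhel "3.10.0-327.el7.x86_64"
```

uname reports the running kernel, so a host that has installed the update but has not yet rebooted still shows as vulnerable.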

How to patch it

If your system is affected, follow the steps below for your platform.

Ubuntu and Debian

Run the following commands to patch the system and then reboot:

$ sudo apt-get update && sudo apt-get dist-upgrade
$ sudo reboot

Oracle Linux, Red Hat, CentOS and Amazon Linux

Run the following commands to patch the system and then reboot:

$ sudo yum update
$ sudo reboot