Red Hat reports ‘Dirty Cow’ Linux kernel bug

2
10137
Dirty Cow Linux bug

Dirty Cow Linux bug

Red Hat has reported a serious bug in Linux kernel. Oddly named Dirty Cow, the issue was detected and fixed by Linux Creator Linus Torvalds element years ago, but its fix was undone due to problems on s390 in other operation.

Dirty Cow bug is a race condition that mishandles copy-on-write (COW) operation of private read-only memory mappings in Linux kernel memory. An attacker can leverage this condition to write read-only memory mappings and even increase their privileges on a system. Race conditions are quite common on the open source platform, though fixing them takes time sometimes.

The bug was hard to detect problems on s390 but since virtual machine (VM) has become more scalable, triggering any specific race conditions has become much easier. In an official post on the kernel website, Torvalds announced that introducing new internal FLOW_COW flag to mark “yes, we already did a COW”.

“To fix it, we introduce a new internal FOLL_COW flag to mark the ‘yes, we already did a COW’ rather than play racy games with FOLL_WRITE that is very fundamental, and then use the pte dirty flag to validate that the FOLL_COW flag is still valid,” Torvalds wrote in the post.

According to Linux security researcher Phil Oester, who discovered the exploit, the bug is trivial to execute, but it has been around for years. The attack does not leave any system logs which makes it difficult to trace.

Experts consider that Dirty Cow bug has not affected all Linux distributions. But still, it is recommended to patch the system with available updates.

2 COMMENTS

  1. […] Cow vulnerability opens a new way of unified rooting method for all Android versions. The flaw was first surfaced in Linux kernel in 2007 and is yet to be fixed across various open source platforms. Moreover, it is considered […]

  2. […] bug CVE-2016-5195 aka Dirty Cow is a race condition that was introduced in the core of Linux kernel in 2007. Linus Torvalds himself had made an […]

LEAVE A REPLY

Please enter your comment!
Please enter your name here