Dirty Cow is a childish name, however it’s a genuine Linux kernel issue. As per the Red Hat bug report, “a race condition was found in the way the Linux kernel’s memory subsystem took care of the duplicate on-write (COW) breakage of private read-just memory mappings. An unprivileged local user could utilize this defect to have write access to generally read-only memory mappings and consequently increase their benefits on the framework.”
Race conditions themselves are basic. Scarcely a month passes by that Windows, for instance, doesn’t fix one. In any case, normal doesn’t mean harmless.
The issue itself, as Linus Torvalds clarified, “is an antiquated bug that was really endeavored to be altered once (severely) by me eleven years prior … in any case, that was then fixed because of issues on s390 by [another] commit.”
At that point, it was difficult to get this bug to show itself, yet Torvalds proceeded, “the VM [virtual machine] has turned out to be more adaptable, and what utilized a simply hypothetical race in those days has gotten to be simpler to trigger.”
“To settle it,” Torvalds proceeded “we present another interior FOLL_COW flag to check the “yes, we as of now did a COW” as opposed to play scandalous games.”
It’s not just get simpler to trigger, it’s being utilized as a part of assaults. As per Phil Oester, the Linux security researcher who revealed it, the exploit is anything “but difficult” to execute and will in all likelihood turn out to be all the more broadly used. Oester told V3 that “The endeavor in the wild is trival to execute, never falls flat and has likely been around for a considerable length of time.”
Once used, Dirty Cow can pry open Linux frameworks and give the give the attacker high-levels of access.
More awful still, the assault, all by itself, doesn’t leave traces in the system logs. Some unknown user all of a sudden doing things that require root privileges are, obviously, another matter. Be that as it may, by then, it’s past the point of no return.
Assaults in light of Dirty Cow don’t work on all Linux disseminations. For instance, Dirty Cow can’t make a wreck of Red Hat Enterprise Linux (RHEL) 5 or 6. It can, be that as it may, batter Fedora and RHEL 7. The best thing to do is to expect that you are powerless and fix your system as quickly as time permits.
Luckily, patches are presently accessible for most real Linux distribution.
Goodness, and one last note, the makers of the Dirty Cow name and logo are very much aware that it’s sort of a moronic name. They clarified, “It would have been phenomenal to shun this absurdity, since we as a whole ridicule branded vulnerabilities as well, however this was not the ideal time to make that stand.”
Along these lines, senseless name and all, in the wake of perusing this article, fix your Linux boxes. Now!