Dirty COW (CVE-2016-5195): A New Vulnerability Detected in Linux Operating System after Nine Years

October 27, 2016 Written By M-Connect Media

Talk to Experts Need expert help? Don’t hesitate to talk.

You can do direct email atinfo@mconnectmedia.com

WE'RE HERE FOR YOU

We would love to hear about your Magento project, challenge, or opportunity. We'll respond within 24 hours!

Dirty Cow Linux vulnerability

The Linux Operating System is an open source and this means that anyone can access the source code or make changes in it. A large number of applications are based on this Operating System and even the Android mobile devices are based on this.
As it is an open source, it makes this system even more vulnerable to attackers as well as security bugs.

Recently, a nine-year-old bug in Linux Kernel called Dirty Cow was recorded. The official name given to this bug is CVE-2016-5195. In this vulnerability, a local user or an attacker gets the root access to the server and therefore can have the total control over the entire system.

The privilege escalation vulnerability is called as Dirty Cow because a researcher found that

a race condition in the way the Linux kernel’s memory subsystem handles copy-on-write (COW) breakages of private read-only memory mappings. Attackers can use this to gain write access to otherwise read-only mappings and this way take control over whole systems.

Since this bug has been there for nine long years, it has affected thousands of Linux based devices. The bug affected Ubuntu, Red Hat, CentOS, Debian and some other Linux distros. So, if your store is running on an old version of Linux OS, then you need to immediately upgrade it to the latest version. And this update requires the reboot of the system once you have received the security patches.

You need to follow the below-given commands to update your Linux system:

Debian/Ubuntu:
$sudo apt-get update && sudo apt-get dist-upgrade

RedHat:
$sudo yum update
$sudo reboot

After the reboot of your Linux Systems, you have to make sure that the systems are running on the new updated kernel.

The Dirty COW bug has also affected the Linux-based Android devices. In Android devices, this bug has new rooting technique. But, the patches will also be available for these systems soon.

The Dirty COW can be a big problem for the eCommerce store owners if their Magento® store is compromised because then the attacker will be able to upload files to your server or the hosting account.

If you run your store with a Shared hosting server, then you need to ask your hosting provider implement the security patches to protect against this vulnerability.
Do you want to know more about the security patches for the Dirty COW bug or latest Magento® updates? Do you need help in installing the security patch for Dirty COW into your Magento® store? Then talk to our Magento® Security Experts about your issues and get a perfect resolution for your store.

Need Magento expert help?

We provide result-driven solutions to expand the competency level and productivity.

Instant Help CenterAvailable!

Monday to FridayResponse promised within 24 hours!

Call Us

+1 319 804-8627

Black Friday 2016 Guide
Magento Promotions

One comment

  1. It is quite surprising that this Dirty COW vulnerability was there in the Linux system since nine long years. But finally, there is some simple resolution for this issue. Thanks for sharing this important information!

Load Comments

Your email address will not be published. Required fields are marked *

5 4 3 2 1

  • Worried for deadlines? Our Magento Experts are effortlessly Working from Home.
  • Check out our Magento Developer Hiring Packages for Agency as well as individuals.
View Packages

Talk to Experts Need expert help? Don’t hesitate to talk.

You can do direct email atinfo@mconnectmedia.com

WE'RE HERE FOR YOU

We would love to hear about your Magento project, challenge, or opportunity. We'll respond within 24 hours!

Please fill this form, Mr.Yogesh will reply by email asap.


Please fill this form, Mr.Darshit will reply by email asap.


Please fill this form, Mr.Jayesh will reply by email asap.


Please fill this form, Mr.Jiten will reply by email asap.