It has been some time since the nightmarish Poxy and Poodle vulnerabilities scared Internet users out of their wits, and now the web faces a new security exploit – a Linux kernel flaw bearing the ‘user-friendly’ name “Dirty COW”.
Dirty COW represents a privilege-escalation vulnerability that hackers can exploit and do harm to web servers using any Internet-connected device.
We’ve managed to address the issue on time and apply the necessary patches to our Linux-based system.
What is the Dirty COW security bug about?
In fact, the Dirty COW vulnerability is not new, at least not to Linux’s founder Linus Torvalds who admits to having uncovered it 11 years ago.
A bug fix patch was released in due time, but 3 years later it was undone by another security fix, leaving the Linux kernel vulnerable to network attacks for a period of 9 years. It was not until a couple of days ago that the ‘dirty’ Linux kernel threat re-surfaced online again.
According to Red Hat, the Dirty COW security flaw has left the Linux kernel vulnerable to unprivileged users who want to gain root access in order to increase their privileges and compromise the given server’s security.
This allows local users to gain write access to read-only memory mappings and hijack an Internet-connected device within practically a few seconds.
It is namely the broken copy-on-write (COW) mechanism in the Linux kernel that the flaw has been named after.
Here is a nice video illustration of the Dirty COW security flaw:
How can the Dirty COW exploit be patched?
The Linux kernel security flaw has affected virtually all Linux OS versions, so it has been marked as “High priority” by the community.
The latter acted immediately following the re-discovery of the bug and released a patch.
All major Linux distribution providers, including Red Hat, Ubuntu and Debian, have rolled out the necessary updates for their respective distros accordingly.
On our end, our admins have followed all security instructions and patched the Linux kernel as required.
Now all our web hosting servers (including our cloud hosting servers, semi-dedicated servers, OpenVZ VPS servers, KVM VPS servers and dedicated servers) are fully protected against any eventual Dirty COW exploit attacks, so you do not need to anything on your end.