會員中心

技術支持

  1. 門戶首頁
  2. 幫助中心
  3. Linux知識
  4. How To Protect Your Server Against the Dirty COW Linux Vulnerability
登錄
幫助中心

How To Protect Your Server Against the Dirty COW Linux Vulnerability

Introduction : On October 19, 2016, a privilege escalation vulnerability in the Linux kernel was disclosed. The bug is nicknamed Dirty COW because the underlying issue was a race condition in the way kernel handles copy-on-write (COW). Dirty COW has existed for a long time at least since 2007, with kernel version 2.6.22 so the vast majority of servers are at risk.

Exploiting this bug means that a regular, unprivileged user on your server can gain write access to any file they can read, and can therefore increase their privileges on the system. More information can be found on CVE-2016-5195 from Canonical, Red Hat, and Debian.

Check Vulnerability :

Ubuntu/Debian

To find out if your server is affected, check your kernel version.

# uname -rv

You’ll see output like this:
4.4.0-42-generic #62-Ubuntu SMP Fri Oct 7 23:11:45 UTC 2016

If your version is earlier than the following, you are affected:

  • 4.8.0-26.28 for Ubuntu 16.10
  • 4.4.0-45.66 for Ubuntu 16.04 LTS
  • 3.13.0-100.147 for Ubuntu 14.04 LTS
  • 3.2.0-113.155 for Ubuntu 12.04 LTS
  • 3.16.36-1+deb8u2 for Debian 8
  • 3.2.82-1 for Debian 7
  • 4.7.8-1 for Debian unstable

CentOS
If you’re on CentOS, you can use this script provided by RedHat to test your server’s vulnerability. To do so, first download the script.

wget https://access.redhat.com/sites/default/files/rh-cve-2016-5195_1.sh

Then run it with bash.

# bash rh-cve-2016-5195_1.sh

If you’re vulnerable, you’ll see output like this:

Your kernel is 3.10.0-327.36.1.el7.x86_64 which IS vulnerable.
Red Hat recommends that you update your kernel. Alternatively, you can apply partial
mitigation described at https://access.redhat.com/security/vulnerabilities/2706661 .

Fix Vulnerability

Fortunately, applying the fix is straightforward: update your system and reboot your server.

Ubuntu/Debian

Update and upgrade your packages using apt-get.

# sudo apt-get update && sudo apt-get dist-upgrade

You’ll need to reboot your server to apply the changes.

# sudo reboot

CentOS

At this time, we’re still waiting for Red Hat to release a patch. This tutorial will be updated with instructions on how to secure your CentOS server as soon as possible. In the interim, you can use this workaroundfrom the Red Hat bug tracker.

Conclusion

Make sure to update your Linux servers to stay protected from this privilege escalation bug.

  • 109 用戶發現這個很有用
此文章對您是否有幫助?

Related Articles

Ubuntu14.04升级内核到4.9.6

经我们在测试机测试,Ubuntu 14.04可以成功升级到内核4.9.6,以下是为更换方法,供大家参考:1. 下载新内核wget...

Ubuntu 16.04升级到内核4.9.8

经测试,Ubuntu 16.04可以成功升级到内核4.9.8,以下是为更换方法,供大家参考:1. 下载新内核(示例为64位,请大家根据自己的实际版本到官方下载对应内核)wget...