Security News > 2016 > October > Dirty COW Linux kernel zero-day exploited in the wild is now patched (Help Net Security)
2016-10-21 20:11
Linux developer Phil Oester has spotted attackers exploiting a Linux kernel zero-day privilege escalation flaw that dates back to 2007, and has raised the alarm. The vulnerability (CVE-2016-5195) has been dubbed Dirty COW by a community-maintained project that took it upon themselves to raise its visibility by appending a name and logo, despite their dislike of “branded” vulnerabilities. Why was it named so? Because, as explained by Red Hat developers, the source of the flaw … More →
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/m1XpKIOITEo/
Related news
- Google fixes Android kernel zero-day exploited in attacks (source)
- Google patches odd Android kernel security bug amid signs of targeted exploitation (source)
- CISA orders agencies to patch Linux kernel bug exploited in attacks (source)
- Mixing Rust and C in Linux likened to cancer by kernel maintainer (source)
- 'Key kernel maintainers' still back Rust in the Linux kernel, despite the doubters (source)
- Linux royalty backs adoption of Rust for kernel code, says its rise is inevitable (source)
- Strap in, get ready for more Rust drivers in Linux kernel (source)
- URGENT: Microsoft Patches 57 Security Flaws, Including 6 Actively Exploited Zero-Days (source)
- Microsoft patches Windows Kernel zero-day exploited since 2023 (source)
- Patch Tuesday: Microsoft Fixes 57 Security Flaws – Including Active Zero-Days (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-11-10 | CVE-2016-5195 | Race Condition vulnerability in multiple products Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW." | 7.0 |