Security News > 2016 > October > Dirty COW Linux kernel zero-day exploited in the wild is now patched (Help Net Security)
2016-10-21 20:11
Linux developer Phil Oester has spotted attackers exploiting a Linux kernel zero-day privilege escalation flaw that dates back to 2007, and has raised the alarm. The vulnerability (CVE-2016-5195) has been dubbed Dirty COW by a community-maintained project that took it upon themselves to raise its visibility by appending a name and logo, despite their dislike of “branded” vulnerabilities. Why was it named so? Because, as explained by Red Hat developers, the source of the flaw … More →
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/m1XpKIOITEo/
Related news
- Week in review: Microsoft fixes two exploited zero-days, SOC teams are losing trust in security tools (source)
- The Rise of Zero-Day Vulnerabilities: Why Traditional Security Solutions Fall Short (source)
- Deepen your knowledge of Linux security (source)
- Microsoft plans to boot security vendors out of the Windows kernel (source)
- Oracle Linux 9 Update 5 brings security updates, OpenJDK 17, .NET 9.0 (source)
- 'Alarming' security bugs lay low in Linux's needrestart server utility for 10 years (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-11-10 | CVE-2016-5195 | Race Condition vulnerability in multiple products Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW." | 7.0 |