Security News > 2016 > October > Dirty COW Linux kernel zero-day exploited in the wild is now patched (Help Net Security)
Linux developer Phil Oester has spotted attackers exploiting a Linux kernel zero-day privilege escalation flaw that dates back to 2007, and has raised the alarm. The vulnerability (CVE-2016-5195) has been dubbed Dirty COW by a community-maintained project that took it upon themselves to raise its visibility by appending a name and logo, despite their dislike of “branded” vulnerabilities. Why was it named so? Because, as explained by Red Hat developers, the source of the flaw … More →
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/m1XpKIOITEo/
Related news
- Deepen your knowledge of Linux security (source)
- Microsoft plans to boot security vendors out of the Windows kernel (source)
- Oracle Linux 9 Update 5 brings security updates, OpenJDK 17, .NET 9.0 (source)
- 'Alarming' security bugs lay low in Linux's needrestart utility for 10 years (source)
- Zero-day data security (source)
- Researchers Discover "Bootkitty" – First UEFI Bootkit Targeting Linux Kernels (source)
- Discover the future of Linux security (source)
- Week in review: MUT-1244 targets both security workers and threat actors, Kali Linux 2024.4 released (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2016-11-10 | CVE-2016-5195 | Race Condition vulnerability in multiple products Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW." | 7.0 |