Security News > 2016 > October > Dirty COW Linux kernel zero-day exploited in the wild is now patched (Help Net Security)
2016-10-21 20:11
Linux developer Phil Oester has spotted attackers exploiting a Linux kernel zero-day privilege escalation flaw that dates back to 2007, and has raised the alarm. The vulnerability (CVE-2016-5195) has been dubbed Dirty COW by a community-maintained project that took it upon themselves to raise its visibility by appending a name and logo, despite their dislike of “branded” vulnerabilities. Why was it named so? Because, as explained by Red Hat developers, the source of the flaw … More →
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/m1XpKIOITEo/
Related news
- Easy-to-use make-me-root exploit lands for recent Linux kernels. Get patching (source)
- Researchers Uncover First Native Spectre v2 Exploit Against Linux Kernel (source)
- Prompt Hacking, Private GPTs, Zero-Day Exploits and Deepfakes: Report Reveals the Impact of AI on Cyber Security Landscape (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-11-10 | CVE-2016-5195 | Race Condition vulnerability in multiple products Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW." | 7.8 |