CVE-2016-5195 “DirtyCOW”: Critical Linux Kernel Flaw

Home » CentOS » CVE-2016-5195 “DirtyCOW”: Critical Linux Kernel Flaw
CentOS 13 Comments

Dear All,

I guess, we all have to urgently apply workaround, following, say, this:

https://gryzli.info/2016/10/21/protect-cve-2016-5195-dirtycow-CentOS-7rhel7cpanelcloudlinux/

At least those of us who still have important multi user machines running Linux. (Yes, me too, I do have a couple, thank goodness, the rest are already not ;-)

Have a productive weekend, everybody.

Valeri

++++++++++++++++++++++++++++++++++++++++
Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247
++++++++++++++++++++++++++++++++++++++++

13 thoughts on - CVE-2016-5195 “DirtyCOW”: Critical Linux Kernel Flaw

  • I should have said CentOS 7. Older ones (CentOS 6 and 5) are not vulnerable.

    Luckily, no multi-user CentOS 7 machines here, only single user workstations.

    Good luck, everybody!

    Valeri

    PS Sorry about a bit premature first message: I realize not that I was in the same state of mind as back then when there was remote root SSH
    vulnerability. It was long ago, but some may still remember that…

    ++++++++++++++++++++++++++++++++++++++++
    Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247
    ++++++++++++++++++++++++++++++++++++++++

  • What is the best approach on CentOS 6 to mitigate the problem is officially patched? As far as I can tell CentOS 6 is vulnerable to attacks using ptrace.

    There is a mitigation described here

    https://bugzilla.redhat.com/show_bug.cgi?id84344#c13

    which doesn’t fix the underlying problem, but at least protects against known attack vectors. However, I’m unsure if the script only applies to CentOS 7, or if it also works on CentOS 6?

    Cheers, Christian

  • In article <5818CD31.4050008@moving-picture.com>, James Pearson wrote:

    In other words, no: RHEL 4 and CentOS4 are not affected by this flaw.

    Tony

  • My understanding is: RHEL is obsolete, hence it will not even be mentioned on that page, whether it is known to be affected or not.

    Valeri

    ++++++++++++++++++++++++++++++++++++++++
    Valeri Galtsev Sr System Administrator Department of Astronomy and Astrophysics Kavli Institute for Cosmological Physics University of Chicago Phone: 773-702-4247
    ++++++++++++++++++++++++++++++++++++++++

  • RHEL/CentOS-4 is EOL so wouldn’t be updated regardless (at least under the normal EOL guidelines), but it is mentioned toward the bottom of that page under “Affected Packages State”:

    Red Hat Enterprise Linux 4 kernel Not affected

  • Dear Sir/s,

    Can a crashed CentOS system be restore to its previous state before it crash? And if so, can you please tell me how to do it?
    Thanks, your help is very much appreciated.

    —– Original Message —

  • You appear to have hijacked this (DirtyCOW) thread. You may want to re-post your question as a new message so that it won’t get mingled with this discussion.

    ———— Original Message ———-

  • It is mentioned because RHEL4 is in extended life phase, so not EOL yet.

    CentOS 4 is EOL as CentOS does not track the extended life phase of Red Hat.

    Peter

  • Dear Sir/s,

    What I mean is the system crashed where the OS is no longer booting properly. This started when I did a “partition resize”.

    Unfortunately, we don’t have any backup of the system.

    Thanks in advance for your help.

    Regards,

    CHRIS

    —– Original Message —

  • Hello Christopher,

    As Peter already pointed out it is not done to “hijack” existing threads. It is confusing for the reader to have a different subject discussed in an existing thread. Please start a new mail with a descriptive subject line and send that to the list. Thank you.

    Regards, Leonard.