Dirty Cow fix?

  • hnt2507
    Junior Member
    • Mar 2021
    • 4

    #1

    Dirty Cow fix?

    Kernel exploit
  • morten
    Senior Member
    • Aug 2017
    • 129

    #2
    Hello,

    Is https://bugzilla.redhat.com/show_bug.cgi?id=1384344 patched?
    More information also available here:
    Dirty COW (CVE-2016-5195) is a privilege escalation vulnerability in the Linux Kernel.


    • mtindor
      Member
      • Jun 2017
      • 39

      #3
      I'm not too bright, but the "mitigation" I've read about states that it disables ptrace.

      I wonder if having "kernel.user_ptrace = 0" in /etc/sysctl.conf is enough to mitigate this on CL servers.

      Mike


      • bogdan.sh
        Administrator
        • Nov 2016
        • 1222

        #4
        Hi,

        Yes, disabling ptrace could help here; however, with our tests it's a bit broken. We are working to release patched kernels and they will be available soon.


        • stephan
          Junior Member
          • May 2017
          • 4

          #5
          Can you tell us more about the impact?

          I am using CageFS everywhere and all users are in LVE.

          I am unable to reproduce the bug:

          bash-4.1$ cat foo
          this is not a test
          bash-4.1$ ./dirtyc0w foo m00000000000000000
          mmap cd95a000

          madvise 0

          procselfmem -100000000

          bash-4.1$ cat foo
          this is not a test


          • clm
            Senior Member
            • Mar 2021
            • 259

            #6
            It doesn't affect Redhat 5 or Redhat 6 with default configuration, only Redhat 7, so I presume that it's the same for CloudLinux and that only version 7 is vulnerable.
