Hey all,
Two years ago I’m sure you’ve all heard about ShellShock – a
remote code execution exploit in bash that existed for about 25 years
until discovered.
Three weeks ago a new vulnerability, known as Dirty Cow (or
CVE-2016-5195 if you insist), was discovered.
This exploit allows local privilege escalation on almost all
Linux distributions and kernels as the vulnerable code existed since 2007
(from kernel version 2.6.22 and even 2.6.18 for some distributions).
While this is only a privilege escalation vulnerability,
there are already reports of users gaining limited access to servers and using
this vulnerability to escalate their privileges.
In fact, the exploit became public as a security researcher
observed the exploit in a pcap file.
Organizations are kindly requested to upgrade their
kernel version.
BTW,
This exploit can also be used to root your Android device (https://github.com/timwr/CVE-2016-5195)
Stay tuned for more updates.
Dan
Gurfinkel
Head of
Offensive Security & Response Unit