Testing for the dirty cow CVE-2016-5195?
On october 19 2016, the Dirty Cow vulnerability went public (which is kernel privilege escalation vulnerability) . From what I have read and test, the exploit is working only on Centos 7/ RHEL7 / Cloudlinux 7 distros .
CVE-2016-5195
Why is it called the Dirty COW bug?
“A race condition was found in the way the Linux kernel’s memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.”
Source info: http://dirtycow.ninja/
How to test if you are vulnerable ?
1) Download and compile the PoC then run the following commands
sudo -s
chmod 0404 foo
ls -lah foo
-r—–r– 1 root root 19 Oct 20 15:23 foo
cat foo
If you get this:
Then you are VULNERABLE.
If you get this
You are SAFE
keep updating your linux kernels 🙂