{"id":724,"date":"2016-10-25T12:58:58","date_gmt":"2016-10-25T09:58:58","guid":{"rendered":"https:\/\/community.virtono.com\/?p=724"},"modified":"2016-10-26T23:36:05","modified_gmt":"2016-10-26T20:36:05","slug":"how-to-protect-your-server-against-the-dirty-cow-linux-vulnerability","status":"publish","type":"post","link":"https:\/\/www.virtono.com\/community\/news-announcements\/how-to-protect-your-server-against-the-dirty-cow-linux-vulnerability\/","title":{"rendered":"How To Protect Your Server Against the Dirty COW Linux Vulnerability"},"content":{"rendered":"<p><strong>Introduction<\/strong> : On October 19, 2016, a privilege escalation vulnerability in the Linux kernel was disclosed. The bug is nicknamed Dirty COW because the underlying issue was a race condition in the way kernel handles copy-on-write (COW). Dirty COW has existed for a long time at least since 2007, with kernel version 2.6.22 so the vast majority of servers are at risk.<\/p>\n<p>Exploiting this bug means that a regular, unprivileged user on your server can gain write access to any file they can read, and can therefore increase their privileges on the system. More information can be found on CVE-2016-5195 from Canonical, Red Hat, and Debian.<\/p>\n<p>Fortunately, most major distributions have already released a fix. \u00a0So, if you\u2019re running an older server, you can follow this tutorial to check and patch your server.<\/p>\n<p><strong>Check Vulnerability :<\/strong><\/p>\n<p><strong>Ubuntu\/Debian<\/strong><\/p>\n<p>To find out if your server is affected, check your kernel version.<\/p>\n<p><code># uname -rv<\/code><\/p>\n<p>You\u2019ll see output like this:<br \/>\n<code>4.4.0-42-generic #62-Ubuntu SMP Fri Oct 7 23:11:45 UTC 2016<\/code><\/p>\n<p>If your version is earlier than the following, you are affected:<\/p>\n<ul>\n<li>4.8.0-26.28 for Ubuntu 16.10<\/li>\n<li>4.4.0-45.66 for Ubuntu 16.04 LTS<\/li>\n<li>3.13.0-100.147 for Ubuntu 14.04 LTS<\/li>\n<li>3.2.0-113.155 for Ubuntu 12.04 LTS<\/li>\n<li>3.16.36-1+deb8u2 for Debian 8<\/li>\n<li>3.2.82-1 for Debian 7<\/li>\n<li>4.7.8-1 for Debian unstable<\/li>\n<\/ul>\n<p><strong>CentOS<\/strong><br \/>\nIf you\u2019re on CentOS, you can use <a href=\"https:\/\/access.redhat.com\/sites\/default\/files\/rh-cve-2016-5195_1.sh\" target=\"_blank\" rel=\"noopener\">this script provided by RedHat<\/a> to test your server\u2019s vulnerability. To do so, first download the script.<\/p>\n<p><code>wget https:\/\/access.redhat.com\/sites\/default\/files\/rh-cve-2016-5195_1.sh<\/code><\/p>\n<p>Then run it with <strong>bash<\/strong>.<\/p>\n<p><code># bash rh-cve-2016-5195_1.sh<\/code><\/p>\n<p>If you\u2019re vulnerable, you\u2019ll see output like this:<\/p>\n<pre class=\"code\">Your kernel is 3.10.0-327.36.1.el7.x86_64 which IS vulnerable.\r\nRed Hat recommends that you update your kernel. Alternatively, you can apply partial\r\nmitigation described at https:\/\/access.redhat.com\/security\/vulnerabilities\/2706661 .<\/pre>\n<p><strong>Fix Vulnerability<\/strong><\/p>\n<p><strong>Fortunately, applying the fix is straightforward: update your system and reboot your server.<\/strong><\/p>\n<p><strong>Ubuntu\/Debian<\/strong><\/p>\n<p>Update and upgrade your packages using apt-get.<\/p>\n<p><code># sudo apt-get update &amp;&amp; sudo apt-get dist-upgrade<\/code><\/p>\n<p>You\u2019ll need to reboot your server to apply the changes.<\/p>\n<p><code># sudo reboot<\/code><\/p>\n<h3 id=\"centos\">CentOS<\/h3>\n<p><span class=\"warning\">Right now, we&#8217;re still waiting on a fix for CentOS 5. In the interim, you can use <a href=\"https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=1384344#c13\" target=\"_blank\" rel=\"noopener\">this workaround<\/a> from the Red Hat bug tracker.<br \/>\n<\/span><\/p>\n<p>To update your kernel on CentOS 6 and 7, run:<\/p>\n<p># sudo yum update<\/p>\n<p>Finally, you&#8217;ll need to reboot your server to apply the changes.<\/p>\n<p># sudo reboot<\/p>\n<pre class=\"code-pre command\"><\/pre>\n<p><strong>Conclusion<\/strong><\/p>\n<p><strong>Make sure to update your Linux servers to stay protected from this privilege escalation bug.<\/strong><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Introduction : On October 19, 2016, a privilege escalation vulnerability in the Linux kernel was disclosed. The bug is nicknamed Dirty COW because the underlying issue was a race condition in the way kernel handles copy-on-write (COW). Dirty COW has existed for a long time at least since 2007, with<\/p>\n","protected":false},"author":1,"featured_media":129,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":true,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[1,5],"tags":[28,26,27],"class_list":["post-724","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-announcements","category-knowledgebase","tag-dirty-cow","tag-linux","tag-vulnerability"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2016\/07\/IMG_2035.jpg?fit=3264%2C2448&ssl=1","jetpack_sharing_enabled":true,"jetpack_shortlink":"https:\/\/wp.me\/p7ISfL-bG","jetpack_likes_enabled":true,"jetpack-related-posts":[{"id":720,"url":"https:\/\/www.virtono.com\/community\/news-announcements\/virtono-upgrades-oct-2016\/","url_meta":{"origin":724,"position":0},"title":"Virtono Upgrades &#8211; Oct 2016 (Poll Inside)","author":"Virtono","date":"October 25, 2016","format":false,"excerpt":"Because of our lately growth, beeing bigger then we expected, some of our servers became overcrowded, so a few of them didn't worked at full capacity. To solve these problems and avoid them in the future we`ve made many steps, such as: - Multiple VPS and VDS nodes have been\u2026","rel":"","context":"In &quot;Announcements&quot;","block_context":{"text":"Announcements","link":"https:\/\/www.virtono.com\/community\/category\/news-announcements\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2016\/07\/IMG_2035.jpg?fit=1200%2C900&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2016\/07\/IMG_2035.jpg?fit=1200%2C900&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2016\/07\/IMG_2035.jpg?fit=1200%2C900&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2016\/07\/IMG_2035.jpg?fit=1200%2C900&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2016\/07\/IMG_2035.jpg?fit=1200%2C900&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":1256,"url":"https:\/\/www.virtono.com\/community\/internet-and-technology-news\/google-disassembles-usb-stack-of-the-linux-kernel\/","url_meta":{"origin":724,"position":1},"title":"Google disassembles USB stack of the Linux kernel","author":"Daniel Draga","date":"November 9, 2017","format":false,"excerpt":"With a special fuzzer for kernel system calls from\u00a0Google\u00a0, extremely many bugs have been found in the USB stack of the\u00a0Linux kernel\u00a0.\u00a0Many of them are classified as critical vulnerabilities, which is true for all kernel bugs. The Syzkaller tool, created and developed with Google support, is intended to fuzzy operating\u2026","rel":"","context":"In &quot;IT News&quot;","block_context":{"text":"IT News","link":"https:\/\/www.virtono.com\/community\/category\/internet-and-technology-news\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/11\/google-linux.png?fit=1200%2C569&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/11\/google-linux.png?fit=1200%2C569&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/11\/google-linux.png?fit=1200%2C569&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/11\/google-linux.png?fit=1200%2C569&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/11\/google-linux.png?fit=1200%2C569&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":97,"url":"https:\/\/www.virtono.com\/community\/knowledgebase\/what-is-the-difference-between-kvm-and-openvz-virtualization\/","url_meta":{"origin":724,"position":2},"title":"What is the difference between KVM and OpenVZ virtualization?","author":"Virtono","date":"July 18, 2016","format":false,"excerpt":"\u00a0 VS \u00a0What is the difference between KVM and OpenVZ? Usually this question arises when a person is looking for a Virtual Private Server, it\u2019s a dilemma, isn\u2019t it? Weighing the pros and cons but one thing that should be kept in mind is that out of these two, there\u2026","rel":"","context":"In &quot;Knowledgebase&quot;","block_context":{"text":"Knowledgebase","link":"https:\/\/www.virtono.com\/community\/category\/knowledgebase\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2016\/07\/1-2.jpg?fit=1024%2C768&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2016\/07\/1-2.jpg?fit=1024%2C768&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2016\/07\/1-2.jpg?fit=1024%2C768&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2016\/07\/1-2.jpg?fit=1024%2C768&ssl=1&resize=700%2C400 2x"},"classes":[]},{"id":1195,"url":"https:\/\/www.virtono.com\/community\/tutorial-how-to\/remove-old-kernels-in-ubuntu\/","url_meta":{"origin":724,"position":3},"title":"Remove Old Kernels in Ubuntu","author":"Shreyash Sharma","date":"October 27, 2017","format":false,"excerpt":"For\u00a0Ubuntu\u00a0installations (prior to Ubuntu version 15.10) with\u00a0separate \/ boot partition\u00a0, it may fill up\u00a0after installing several updates\u00a0.\u00a0The issue occurs because older kernel versions are not automatically removed.\u00a0In this article, we'll show you how to manually uninstall older kernel versions, freeing up space in the \/ boot partition. Problem Installing new\u2026","rel":"","context":"In &quot;Tutorials&quot;","block_context":{"text":"Tutorials","link":"https:\/\/www.virtono.com\/community\/category\/tutorial-how-to\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/10\/Aug30-Kernel-Team-Summary.png?fit=1200%2C675&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/10\/Aug30-Kernel-Team-Summary.png?fit=1200%2C675&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/10\/Aug30-Kernel-Team-Summary.png?fit=1200%2C675&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/10\/Aug30-Kernel-Team-Summary.png?fit=1200%2C675&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/10\/Aug30-Kernel-Team-Summary.png?fit=1200%2C675&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":1305,"url":"https:\/\/www.virtono.com\/community\/internet-and-technology-news\/cpu-bugs-have-been-known-since-june-2017-according-to-google\/","url_meta":{"origin":724,"position":4},"title":"CPU bugs have been known since June 2017, according to Google","author":"Shreyash Sharma","date":"January 10, 2018","format":false,"excerpt":"Not only\u00a0Intel\u00a0is affected by the serious vulnerability in processors, by which attackers can read sensitive data.\u00a0Google's\u00a0Project Zero explains the functioning of the memory leaks and Linus Torvalds expects honesty. Intel wants to quickly take care of the vulnerability in processors, which has caused a sensation in recent days.\u00a0According to its\u2026","rel":"","context":"In &quot;IT News&quot;","block_context":{"text":"IT News","link":"https:\/\/www.virtono.com\/community\/category\/internet-and-technology-news\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2018\/01\/not_threaded.png?fit=1200%2C835&ssl=1&resize=350%2C200","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2018\/01\/not_threaded.png?fit=1200%2C835&ssl=1&resize=350%2C200 1x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2018\/01\/not_threaded.png?fit=1200%2C835&ssl=1&resize=525%2C300 1.5x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2018\/01\/not_threaded.png?fit=1200%2C835&ssl=1&resize=700%2C400 2x, https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2018\/01\/not_threaded.png?fit=1200%2C835&ssl=1&resize=1050%2C600 3x"},"classes":[]},{"id":1243,"url":"https:\/\/www.virtono.com\/community\/tutorial-how-to\/compiling-linux-kernels-under-ubuntu-or-debian\/","url_meta":{"origin":724,"position":5},"title":"Compiling Linux kernels under Ubuntu or Debian","author":"Daniel Draga","date":"November 6, 2017","format":false,"excerpt":"Compiling a Linux kernel is not an everyday occurrence for most administrators.\u00a0It is all the more important\u00a0to know\u00a0the right\u00a0tools\u00a0when the time comes.\u00a0The following article shows examples of how Mainline \/ Vanilla Kernel and the distribution-specific\u00a0kernel are compiled. Install required software The following packages are needed to compile: $ sudo apt-get\u2026","rel":"","context":"In &quot;Tutorials&quot;","block_context":{"text":"Tutorials","link":"https:\/\/www.virtono.com\/community\/category\/tutorial-how-to\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/www.virtono.com\/community\/wp-content\/uploads\/2017\/11\/517444-636210253990788094_270x480_thumb.jpg?fit=480%2C270&ssl=1&resize=350%2C200","width":350,"height":200},"classes":[]}],"_links":{"self":[{"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/posts\/724","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/comments?post=724"}],"version-history":[{"count":2,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/posts\/724\/revisions"}],"predecessor-version":[{"id":729,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/posts\/724\/revisions\/729"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/media\/129"}],"wp:attachment":[{"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/media?parent=724"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/categories?post=724"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.virtono.com\/community\/wp-json\/wp\/v2\/tags?post=724"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}