kernel - What is the "Dirty COW" bug, and how can I secure my system against it? - Ask Ubuntu


i've heard of bug "dirty cow" allows user read access files write them , gain administrative access. how protect against bug?

the ancient dirty cow bug

this bug has been around since kernel version 2.6.22. allows local user read access gain administrative privileges. warning has been issued (softpedia: linux kernels 4.8.3, 4.7.9 & 4.4.26 lts out patch "dirty cow" security flaw) , users urged upgrade kernel linux kernel 4.8.3, linux kernel 4.7.9, , linux kernel 4.4.26 lts. this link misleading because these kernel versions not supported ubuntu.

this answer tailored ubuntu users , tells you:

  • recommended kernel versions ubuntu users
  • how display current kernel version
  • how apply fix ubuntu supported kernels
  • how apply fix non-supported ubuntu kernels

ubuntu users "dirty cow" recommended kernels

ubuntu released security updates on october 20, 2016 patch kernel used supported ubuntu versions: softpedia: canonical patches ancient "dirty cow" kernel bug in supported ubuntu oses

canonical urging users patch systems installing:

  • linux-image-4.8.0-26 (4.8.0-26.28) ubuntu 16.10
  • linux-image-4.4.0-45 (4.4.0-45.66) ubuntu 16.04 lts
  • linux-image-3.13.0-100 (3.13.0-100.147) ubuntu 14.04 lts
  • linux-image-3.2.0-113 (3.2.0-113.155) ubuntu 12.04 lts
  • linux-image-4.4.0-1029-raspi2 (4.4.0-1029.36)

the xenial hwe kernel ubuntu 14.04 lts updated well, version linux-image-4.4.0-45 (4.4.0-45.66~14.04.1), , trusty hwe kernel ubuntu 12.04 lts version linux-image-3.13.0-100 (3.13.0-100.147~precise1).

please update ubuntu installations following instructions provided canonical at: https://wiki.ubuntu.com/security/upgrades .

display current kernel version

to display current running kernel version open terminal ctrl+alt+t , type:

uname -a

the kernel version you booted with displayed this:

linux dell 4.8.1-040801-generic #201610071031 smp fri oct 7 14:34:10 utc 2016 x86_64 x86_64 x86_64 gnu/linux

remember after install new kernel patches, can still boot older kernel versions grub. older versions not have patch applied, case of kernel version 4.8.1.

once again remember kernel version 4.8.1 not supported ubuntu.

how fix ubuntu supported kernels

since ubuntu has released fix of bug, users need upgrade system. if daily security updates enabled kernel upgrade has been done. check kernel version list of kernels above.

if ubuntu has not automatically upgraded kernel version run:

sudo apt-get update sudo apt-get dist-upgrade sudo reboot

after rebooting check current kernel version repeating previous section instructions.

how fix non-supported ubuntu kernels

some installations newer hardware may using unsupported kernel such 4.8.1 or greater. if need manually upgrade kernel. although bug report link above says use kernel 4.8.3, of october 30, 2016, 4.8.5 recent , how install it:

cd /tmp wget http://kernel.ubuntu.com/~kernel-ppa/mainline/v4.8.5/linux-headers-4.8.5-040805_4.8.5-040805.201610280434_all.deb wget http://kernel.ubuntu.com/~kernel-ppa/mainline/v4.8.5/linux-headers-4.8.5-040805-generic_4.8.5-040805.201610280434_amd64.deb wget http://kernel.ubuntu.com/~kernel-ppa/mainline/v4.8.5/linux-image-4.8.5-040805-generic_4.8.5-040805.201610280434_amd64.deb sudo dpkg -i *.deb sudo reboot

after rebooting check current kernel version repeating instructions 2 sections back.


Comments

Post a Comment

Popular posts from this blog

download - Firefox cannot save files (most of the time), how to solve? - Super User

this not full duplicate of this question or this question , though base question same. however, questions have no answers. for on half year have problems downloading files firefox. when click on download link, download dialog opened asking me do, save or open it. immediately, there error/warning pop-up (twice, can see 1 @ first) ok button. looks this message : "c:\users\%user%\appdata\local\temp\wbbdv9k8.zip.part not saved because source file not read. try again later or contact server administrator." replace '%user%' name of user trying download. after closing pop-up, download dialog disappears , have minimize firefox , open again, see other pop-up. downloading exact same file internet explorer work, not desired. i tried solutions here . tried solutions here . tried disabling extensions. tried fixing permissions on temp folder. tried making files , folder in profile directory non-readonly. tried running firefox administrator. tried
Read more

windows - "-2146893807 NTE_NOT_FOUND" when repair certificate store - Super User

i try repair certificate store in windows 10 doing c:\windows\system32>certutil -store -user ‎330000019dba8d5dddb98062a900000000019d "personal" certutil: -store command failed: 0x80090011 (-2146893807 nte_not_found) certutil: object not found. i have double check mmc, certificate details serial number of certificate. still fail repair certificate store. can please help? i getting same error when trying export pfx. turns out had export c:\cert.pfx instead of cert.pfx (it trying export file cert store ( cert:\localmachine\my ).
Read more

sql server - "Configuration file does not exist", Event ID 274 - Super User

sql server 2014 standard in server 2012 r2 i installed sql server 2014 in drive d: i following error: microsoft ssis service: registry setting specifying configuration file not exist. attempting load default config file. simply add c:\program files\microsoft sql server\1?0\dts\binn\msdtssrvr.ini.xml to default reg_sz value in: hkey_local_machine\software\microsoft\microsoft sql server\1?0\ssis\serviceconfigfile where ? replaced matching sql server version
Read more