Most Dangerous Linux Security Flaw Gives Users Full Access in 5 Seconds
Linux, the operating system that powers most of the internet, has been carrying a bug for over nine years. Researchers have revealed the Linux Kernel has remained infected with a serious vulnerability codenamed Dirty COW. Attackers are exploiting this Linux security privilege escalation vulnerability in the wild, which is present in virtually every version of Linux.
"Any user can become root in < 5 seconds in my testing, very reliably. Scary stuff," Linux developer Phil Oester who discovered this vulnerability said. The bug exploits the way Linux memory handles a duplication called Copy on Write (hence, COW). Untrusted system users can exploit this bug to gain privileged write-access rights to memory that should be read-only.
Known as a privilege escalation bug, an attacker who has already gained some measure of control over the target system can leverage that to have complete control. This is not as serious as the remote code execution vulnerability. But, as Linux is an open source platform, this vulnerability in Kernel means almost every distribution of Linux in the last decade is carrying this exploit. After spotting active and malicious exploit of this bug, researchers have warned to install the patch to avoid any security troubles.
“It’s probably the most serious Linux local privilege escalation ever. The nature of the vulnerability lends itself to extremely reliable exploitation. This vulnerability has been present for nine years, which is an extremely long period of time," Dan Rosenberg said.
Patch for the Dirty Cow Linux security vulnerability is now available
Tracked as CVE-2016-5195, maintainers of the official Linux kernel patched the bug. Some of the major versions of Linux, including Ubuntu, Debian and Red Hat are up to date with the latest patch. However, millions of devices still are open to risk as downstream distributors, including Android, release updates to fix the Dirty Cow Linux security vulnerability.
The exploit in the wild is trivial to execute, never fails and has probably been around for years - the version I obtained was compiled with gcc 4.8. As Linus [Torvalds] notes in his commit, this is an ancient bug and impacts kernels going back many years. All Linux users need to take this bug very seriously, and patch their systems ASAP.
Linux has been considered one of the most secure operating systems, thanks to an active and strong development community. As anyone can see and suggest edits to the core source code, it ensures that Linux security vulnerabilities are quickly spotted and patched. But, the fact that Dirty COW was sitting in the kernel for nearly a decade and went unnoticed confirms that attackers get to learn and exploit these bugs before developers.
Google researcher Kees Cook published a research last week showing that it takes an average of 5 years before a Linux bug is discovered and fixed. "The systems using a Linux kernel are right now running with security flaws. Those flaws are just not known to the developers yet, but they’re likely known to attackers," Cook said.