Dirty COW Linux OS Vulnerability : NEW Security Hole in Linux Kernel

  • Posted by Envision Ecommerce
  • /
  • October 26, 2016
CVE-2016-5195 - New Linux Operating System Security Hole

Recently, a new major security hole in the Linux kernel has been found which is referred as CVE-2016-5195, also called – “Dirty Cow”. It is a serious vulnerability that could lead to increased privileges on most commercially backed Linux distributors covering Red Hat, Ubuntu, Debian, Suse and their different versions such as Red Hat Enterprise versions: 5.6.7, Debian versions: Wheezy, Jessie, Strech, Ubuntu versions: 16.04 LTS, 14.04 LTS, etc.

The issue is mainly originated from a race condition that exists in the Linux kernel’s memory. A local attacker could leverage this issue to gain administrative access to your server. If your existing Magento store is running on Linux operating system, you may be compromised as an attacker can easily upload files to your server or admin account. Here is:

How to Bulletproof Your Magento Store against this Dirty Cow Vulnerability? 

If you handle your own server, you must update kernel (and reboot your server) as soon as you get assigned with the security patch through your operating system supplier.

On the other hand, if don’t have your own server to manage or you are on a shared server, you need to make a contact with your server administrator or hosting supplier to ensure your Magento store’s safety against this serious vulnerability.

Knowing this serious issue may half the battle, and now you are aware of it. In the end, our general guidance is just to update your kernels and reboot your operating system as soon as possible.