Ask Your Question
1

How to mitigate dirty COW (CVE-2016-5195) in Fedora

asked 2016-10-24 02:46:48 -0500

MANOJ gravatar image

Hello All,

As you are all aware there is dirty COW (CVE-2016-5195) vulnerability gained attention recently when hackers started exploiting it. My Fedora Server is kernel is running on 2.6.27.5-117.fc10.x86_64 and seems to ve vulnerable. Can someone please explain how to mitigate this vulnerability. Linux Kernal - 2.6.27.5-117.fc10.x86_64

edit retag flag offensive close merge delete

3 Answers

Sort by ยป oldest newest most voted
4

answered 2016-10-24 09:54:11 -0500

aeperezt gravatar image

All those security issues has been solve on newer version of Fedora and Kernel, since you using Fedora 10 and its out of support for many years now, you best option is to update to a new version or recompile a new kernel your self.

edit flag offensive delete link more
1

answered 2016-10-26 15:20:32 -0500

florian gravatar image

See https://bugzilla.redhat.com/show_bug.... comment 13 on how to mitigate Dirty COW vulnerability.

Comment 17 refers to the upstream kernel patch

edit flag offensive delete link more
0

answered 2017-06-15 01:12:30 -0500

MANOJ gravatar image

Hi Guys,

One of my linux server which is running very lower fedora version (2.6.27.5-117.fc10.x86_64) and it is affected with dirty COW (CVE-2016-5195) vulnerability.

To mitigate the vulnerability and I have configured below script on server

probe kernel.function("mem_write").call ? { $count = 0 }

probe syscall.ptrace { // includes compat ptrace as well $request = 0xfff }

probe begin { printk(0, "CVE-2016-5195 mitigation loaded") }

probe end { printk(0, "CVE-2016-5195 mitigation unloaded") }

But unable to run the script and getting following error.

semantic error: unresolved arity-1 function: identifier 'printk' at Vulnerability.stp:10:9 source: printk("CVE-2016-5195 mitigation loaded") ^ semantic error: unresolved arity-1 function: identifier 'printk' at :15:9 source: printk("CVE-2016-5195 mitigation unloaded") ^ Pass 2: analysis failed. Try again with another '--vp 01' option.

Can you help me to understand error and to fix vulnerability

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Question Tools

Stats

Asked: 2016-10-24 02:46:48 -0500

Seen: 1,390 times

Last updated: Jun 15 '17