Take Action on Dirty COW

October 26, 2016 | 1 minute read
Zeynep Koch
Global Director of Marketing, Linux and Virtualization
Text Size 100%:

I am sure you have heard about "Dirty COW" by now and may be trying to figure out if you need a patch or how to patch your Linux systems.

Dirty COW is a concurrency vulnerability in the Linux kernel’s memory subsystem that allows uncontrolled access to shared data. Specifically, this is a copy-on-write (COW) breakage that could allow an unprivileged user to gain write access to otherwise read-only memory mappings and potentially increase their privileges on the system.

This vulnerability was reported last week and it is recommended that you promptly implement fixes/patches to address it, to help ensure the rights/privileges you have in place to contain users’ read/write access are not altered.

Oracle has released updates to Oracle Linux to address Dirty COW. For those customers with an Oracle Premier Support subscription, this is a good time to use the Ksplice service – which enables you to access and apply these patches with zero downtime. Read more about it on the Ksplice blog.

For customers without a Premier Support subscription, you will need to schedule downtime, apply the patches and restart your system. You can find the documentation on using the yum-security plugin here. You can find all Oracle Linux CVEs here and in Oracle Support Document 2117117.1

PC: Dirty Cow Logo from https://upload.wikimedia.org/wikipedia/commons/1/1b/DirtyCow.svg

 

 

Zeynep Koch

Global Director of Marketing, Linux and Virtualization

Zeynep Koch is Sr.Global Marketing Director responsible for Oracle’s Linux, Virtualization and OpenStack products. She manages team responsible for managing product and brand marketing activities as well as field marketing activities globally. She has gained her credentials in major corporations across the globe in North America, EMEA, APAC and Australia/New Zealand. She is interested in implementing latest technologies to sales and marketing.


Previous Post

CVE-2016-5195/Dirty COW and Ksplice

Jamie Iles | 1 min read

Next Post


Oracle Linux and Ksplice - the Linux distribution with minimal downtime

Jamie Iles | 3 min read