What is Dirty Cow CVE-2016-5195 is a bug in the Copy On Write mechanism of the Kernel. Any user or user owned process can gain write access to memory mappings which should be read only for the end user. This allows them to interact with otherwise root only files. Should you worry about it? YES. you should jpatch your system(s) right away! Who found CVE-2016-5195? Who cares? ITS BAD PATCH NOW!! ok just kidding, security researcher Phil Oester was the first one to publically release info about this exploit. He found it via a http packet capture setup. Is this related to SSL / OpenSSL? No, unlike heartbleed, poodle etc this is not related to SSL. Where can I get some official info about this exploit? Not sure what you mean by official but check at mitre and Redhat How to find out if I am affected? Ubuntu / Debian type as root or with sudo uname -rv sample outputs : 4.4.13-1-pve #1 SMP Tue Jun 28 10:16:33 CEST 2016 2.6.32-openvz-042stab104.1-amd64 #1 SMP Thu Jan 29 13:06:16 MSK 2015 4.4.0-42-generic #62-Ubuntu SMP Fri Oct 7 23:11:45 UTC 2016 3.16.0-4-amd64 #1 SMP Debian 3.16.36-1+deb8u2 (2016-10-19) List of kernel numbers which need to be updated. 4.8.0-26.28 for Ubuntu 16.10 4.4.0-45.66 for Ubuntu 16.04 LTS 3.13.0-100.147 for Ubuntu 14.04 LTS 3.2.0-113.155 for Ubuntu 12.04 LTS 3.16.36-1+deb8u2 for Debian 8 3.2.82-1 for Debian 7 4.7.8-1 for Debian unstable Redhat / Centos / Fedora wget the test file directly from redhat access : wget https://access.redhat.com/sites/default/files/rh-cve-2016-5195_1.sh CHmod +x rh-cve-2016-5195_1.sh bash rh-cve-2016-5195_1.sh If you are […]