If you have a Linux-based device, you need to be aware of the “Dirty COW” exploit that hackers are actively exploiting. This privilege escalation error affects all Linux operating systems and allows attackers to hijack your system by triggering a race condition in the copy-on-write implementation.
The “Dirty COW” flaw was discovered 11 years ago by the creator of Linux himself, Linus Torvalds, but was left unfixed as it was thought challenging to activate. Recent changes in the kernel design, however, have made it much more exploitable.
Linux vendors such as Red Hat, Debian, and Ubuntu have released patches to fix the vulnerability. However, devices such as routers and Internet of Things (IoT) devices that run on the vulnerable kernel may not receive the patches. The Android system, which is based on Linux, is also susceptible to the exploit, and Android users may have to wait for the next batch of patches, which will be released next month.
FAQs
How do hackers exploit the “Dirty COW” flaw?
Hackers exploit the “Dirty COW” flaw by triggering a race condition in the copy-on-write implementation, which allows them to elevate their access and hijack the entire system.
How can I protect my Linux device from the “Dirty COW” exploit?
The easiest way to protect your Linux device from the “Dirty COW” exploit is to check if your operating system version has a patch, and if it does, install the patch as soon as possible. If your device is an IoT or router device that runs on a vulnerable kernel, consider upgrading to a newer device that is not susceptible to the exploit.