Skip to main content
BlogCloud OverviewsLinux “Dirty Cow” Vulnerability (CVE-2016-5195)

Linux “Dirty Cow” Vulnerability (CVE-2016-5195)

LinuxDirtyCowVulnerability_1200x631

A privilege escalation vulnerability being branded as “Dirty Cow” (CVE-2016-5195) was recently discovered and fixed yesterday in the Linux Kernel. It has existed for 11 years, so pretty much every device running Linux is affected (this includes VMs, physical machines, mobile devices, and so on) and, in general, distros from every vendor are affected.

Linode has made available new 4.8.3 based kernels to address the issue – so if you’re running our kernels (as is the default), you should just need to reboot your Linodes to pick up the new kernel.

If you’re running a distribution’s kernel or your own kernel, you’ll need to apply updates on your own.

As always, there are subtleties and potential defenses and configurations which may make this a non-issue for your specific situation, so we’ll leave the assessment up to you – but our general advice is to upgrade your kernels and reboot as soon as possible.

For the curious, here’s the patch from Linus Torvalds.


Comments (7)

  1. Author Photo

    Awesome. Fast response as always. I’ve rebooted my linodes to apply the updated kernel version.

  2. Author Photo

    Thanks Linode for the kernel release. Much appreciated 🙂

  3. Author Photo

    I second @George’s sentiment!

  4. Author Photo

    Thanks, Linode, for you quick response!

  5. Author Photo

    Thanks a lot to this wonderful team <3
    I was freaking out when I saw how I was able to abuse it.

  6. Author Photo
    Christian Bregnedal

    Thanks for the quick fix 🙂

  7. Author Photo

Leave a Reply

Your email address will not be published. Required fields are marked *