Ancient Linux flaw gives any user root access in less than 5 secondsOctober 24, 2016 - 18:21 AMT PanARMENIAN.Net - If you need another reason to be paranoid about network security, a serious exploit that attacks a nine-year-old Linux kernel flaw is now in the wild, Engadget said. The researcher who found it, Phil Oester, told V3 that the attack is "trivial to execute, never fails and has probably been around for years." Because of its complexity, he was only able to detect it because he had been "capturing all inbound HTTP traffic and was able to extract the exploit and test it out in a sandbox," Oester said. The kernel flaw (CVE-2016-5195) is an 11-year-old bug that Linus Tovalds himself tried to patch once. His work, unfortunately, was undone by another fix several years later, so Oester figures it's been around since 2007. The problem is that the Linux kernel's memory system can break during certain memory operations, according to Red Hat. "An unprivileged local user could use this flaw to gain write access ... and thus increase their privileges on the system." In other words, it can be used to get root server access, which is a terrible thing for the internet. Though it's primarily an attack for users that already have an account on a server, it could potentially be exploited on a Linux machine that lets you execute a file -- something that's common for online servers. Torvalds points out that the race condition flaw used to be "purely theoretical," but is now easier to trigger thanks to improved VM tech. Keepers of the Linux kernel have patched the bug (dubbed "Dirty COW," for copy-on-write) and distributors like Red Hat, which classified the bug as "important," are working on updates. "All Linux users need to take this bug very seriously, and patch their systems ASAP," says Oester. He adds that the packet captures that helped him spot the exploit "have proved invaluable numerous times. I would recommend this extra security measure to all admins." Photo: Getty Images Top stories Yerevan will host the 2024 edition of the World Congress On Information Technology (WCIT). Rustam Badasyan said due to the lack of such regulation, the state budget is deprived of VAT revenues. Krisp’s smart noise suppression tech silences ambient sounds and isolates your voice for calls. Gurgen Khachatryan claimed that the "illegalities have been taking place in 2020." Partner news Most popular in the section | European Parliament to discuss repression in Azerbaijan The European Parliament will discuss repression of civil society in Azerbaijan on April 24 PACE wants concessions from Azerbaijan to accept Baku back A PACE co-rapporteur said that Azerbaijani authorities must make certain concessions so that the country can return to PACE. Cyprus parliament honors Armenian genocide victims Acting House President Zacharias Koulias noted that April 24 marks the “black anniversary” of the Armenian genocide. Armenia PM, France envoy discuss regional matters Issues related to the consistent development of Armenia-France cooperation were discussed. |