Dirty cow Exploit patches

Questions about applications and software
Forum rules
Before you post please read how to get help
deepakdeshp
Level 16
Level 16
Posts: 6448
Joined: Sun Aug 09, 2015 10:00 am

Dirty cow Exploit patches

Post by deepakdeshp »

Dirty cow is a very serious exploit. From which Mint versions have the patches rolled out in update manager?
Which are the Mint versions not tequiring a patch?
There must be versions for which the patch may not have rolled out.
The youtube video is quite good. Looks like one can become root easily and destroy the system or a whole network.
The bug has existed since around 2.6.22 (released in 2007) and was fixed on Oct 18, 2016.
https://youtu.be/kEsshExn7aE
http://thehackernews.com/2016/10/linux- ... t.html?m=1
Last edited by deepakdeshp on Tue Oct 25, 2016 6:36 pm, edited 1 time in total.
If I have helped you solve a problem, please add [SOLVED] to your first post title, it helps other users looking for help, and keeps the forum clean.
Regards,
Deepak

I am using Mint 19.3 Cinnamon 64 bit with AMD A8/7410 processor . Memory 8GB

User avatar
matelot1958
Level 1
Level 1
Posts: 35
Joined: Sun Mar 13, 2016 6:16 pm

Re: Dirty cow Exploit patches

Post by matelot1958 »

"Which are the Mint versions not requiring a patch" - Very good question, to which it would be nice if we could get a, once and for all, definitive answer!! I've just moved from 3.19.0.32 to 4.4.0.45 (3.13.0.100 wouldn't work for me) on the basis that the 4.4 kernel is okay. Unfortunately, looking across the forums here, the question about the Dirty Cow bug and various kernels is cropping up numerous times - I think, perhaps, because 3.13.100 is causing problems for a number of people. Lots of confusion around!!
Best wishes,
Keith

User avatar
karlchen
Level 20
Level 20
Posts: 11906
Joined: Sat Dec 31, 2011 7:21 am
Location: Germany

Re: Dirty cow Exploit patches

Post by karlchen »

Hello, guys.

I thought that it had been clear that all Linux Mint versions, Mint 13, Mint 17/17.1/17.2/17.3 and Mint 18, are affected by the "dirty cow" bug.
As I have never been an LMDE 2 user, I cannot tell which kernel version(s) exactly bring along the bugfix for "dirty cow" (CVE-2016-5195) on LMDE 2. Sorry.
Here are the kernel version strings of bug-fixed kernels for the Ubuntu based Linux Mint releases:
  • Mint 13: 3.2.0-113.155, 3.13.0-100.147~precise1
  • Mint 17->17.3: 3.13.0-100.147, 4.4.0-45.66~14.04.1
  • Mint 18: 4.4.0-45.66
Cf. this Ubuntu webpage to verify: CVE-2016-5195
You can also retrieve the same information (and much more) by visiting this Ubuntu webpage: Ubuntu Security Notices

You can determine the exact kernel version string on your system by executing the terminal command

Code: Select all

uname -a
HTH,
Karl
Image
Linux Mint 19.2 64-bit Cinnamon, Total Commander 9.22a 64-bit
Haß gleicht einer Krankheit, dem Miserere, wo man vorne herausgibt, was eigentlich hinten wegsollte. (Goethe)

User avatar
Lucap
Level 5
Level 5
Posts: 913
Joined: Tue May 24, 2016 1:40 am

Re: Dirty cow Exploit patches

Post by Lucap »

Is there a temporary patch that can be applied when running Mint 18 Live disk that doesn't require a restart just for that session?

Cosmo.
Level 23
Level 23
Posts: 17827
Joined: Sat Dec 06, 2014 7:34 am

Re: Dirty cow Exploit patches

Post by Cosmo. »

No, you have to update the kernel and you have to load it by rebooting.

User avatar
Lucap
Level 5
Level 5
Posts: 913
Joined: Tue May 24, 2016 1:40 am

Re: Dirty cow Exploit patches

Post by Lucap »

BAH! :(

Thought as much , Thanks

turtlebay
Level 5
Level 5
Posts: 630
Joined: Mon Apr 01, 2013 12:33 pm

Re: Dirty cow Exploit patches

Post by turtlebay »

Is there an updated version of the iso downloads that contain the new kernels?

User avatar
karlchen
Level 20
Level 20
Posts: 11906
Joined: Sat Dec 31, 2011 7:21 am
Location: Germany

Re: Dirty cow Exploit patches

Post by karlchen »

turtlebay wrote:Is there an updated version of the iso downloads that contain the new kernels?
No, there is not.
It is simply not feasible in terms of needed manpower to recreate and deploy new ISO's everytime a new kernel has been released that fixes a security vulnerability.
Half of the kernel updates include security fixes as well. Just most of the fixed vulnerabilities do not get the public attention which the "dirty cow" receives.
Image
Linux Mint 19.2 64-bit Cinnamon, Total Commander 9.22a 64-bit
Haß gleicht einer Krankheit, dem Miserere, wo man vorne herausgibt, was eigentlich hinten wegsollte. (Goethe)

deepakdeshp
Level 16
Level 16
Posts: 6448
Joined: Sun Aug 09, 2015 10:00 am

Re: Dirty cow Exploit patches

Post by deepakdeshp »

:evil:
karlchen wrote:
turtlebay wrote:Is there an updated version of the iso downloads that contain the new kernels?
No, there is not.
It is simply not feasible in terms of needed manpower to recreate and deploy new ISO's everytime a new kernel has been released that fixes a security vulnerability.
Half of the kernel updates include security fixes as well. Just most of the fixed vulnerabilities do not get the public attention which the "dirty cow" receives.
It must be because the updates do not fix anything nearly as serious and damaging as the dirty cow.☺
Dirty cow can delete everything or put a malicious code.
If I have helped you solve a problem, please add [SOLVED] to your first post title, it helps other users looking for help, and keeps the forum clean.
Regards,
Deepak

I am using Mint 19.3 Cinnamon 64 bit with AMD A8/7410 processor . Memory 8GB

User avatar
trytip
Level 12
Level 12
Posts: 4207
Joined: Tue Jul 05, 2016 1:20 pm

Re: Dirty cow Exploit patches

Post by trytip »

why are people so caught up in this dirty cow thing. you have a better chance of winning the lottery than to be exploited with this vulnerability. sure it's embarrassing this was on the back burner for a decade but users tend to over emphasize when they hear any words that have hacker or exploited in it even though they don't really understand what it really means to be hacked.
Image

turtlebay
Level 5
Level 5
Posts: 630
Joined: Mon Apr 01, 2013 12:33 pm

Re: Dirty cow Exploit patches

Post by turtlebay »

karlchen wrote:
It is simply not feasible in terms of needed manpower to recreate and deploy new ISO's everytime a new kernel has been released that fixes a security vulnerability.
The reason I asked is because anyone new coming to Linux Mint (or presumably Ubuntu) probably will not have heard about Dirty Cow and will not know about the need to install a clean kernel. Just what the hackers are waiting for? :(

deepakdeshp
Level 16
Level 16
Posts: 6448
Joined: Sun Aug 09, 2015 10:00 am

Re: Dirty cow Exploit patches

Post by deepakdeshp »

trytip wrote:why are people so caught up in this dirty cow thing. you have a better chance of winning the lottery than to be exploited with this vulnerability. sure it's embarrassing this was on the back burner for a decade but users tend to over emphasize when they hear any words that have hacker or exploited in it even though they don't really understand what it really means to be hacked.

One doesnt need to be a fhacker himself to understand the intricacies of hacking. And I did some tinkering with Kali Linux which is the queen of hacker tools.What I understand is, when you are hacked, your system, security and other things like bank details mail id, credit cards etc can be at stake.
Theer are articles as given below. Either it is too much hype and overblown or it is true.
https://www.hackread.com/dirty-cow-the-most-linux-bug/
Most serious bug in 9 years! It should certainly be talked about and the patches should be rolled out ASAP. Absolutely no harm, if people are aware IMHO.
If I have helped you solve a problem, please add [SOLVED] to your first post title, it helps other users looking for help, and keeps the forum clean.
Regards,
Deepak

I am using Mint 19.3 Cinnamon 64 bit with AMD A8/7410 processor . Memory 8GB

turtlebay
Level 5
Level 5
Posts: 630
Joined: Mon Apr 01, 2013 12:33 pm

Re: Dirty cow Exploit patches

Post by turtlebay »

karlchen wrote:
It is simply not feasible in terms of needed manpower to recreate and deploy new ISO's everytime a new kernel has been released that fixes a security vulnerability.
I would have thought it is simplicity itself to patch the ISOs.

Install a system from the existing ISO, install the new kernel and remove the old one, restart and then run aptoncd and save the new ISO. Replace new ISO on all mirrors.

If Admin are not prepared to do this then then completely destroys the boast that Linux is free from attacks! How will they be able to hold their heads up when a Mint newbie complains that their new system has been hacked?

User avatar
Pjotr
Level 21
Level 21
Posts: 14184
Joined: Mon Mar 07, 2011 10:18 am
Location: The Netherlands (Holland)
Contact:

Re: Dirty cow Exploit patches

Post by Pjotr »

turtlebay wrote:
karlchen wrote:
It is simply not feasible in terms of needed manpower to recreate and deploy new ISO's everytime a new kernel has been released that fixes a security vulnerability.
I would have thought it is simplicity itself to patch the ISOs.

Install a system from the existing ISO, install the new kernel and remove the old one, restart and then run aptoncd and save the new ISO. Replace new ISO on all mirrors.

If Admin are not prepared to do this then then completely destroys the boast that Linux is free from attacks! How will they be able to hold their heads up when a Mint newbie complains that their new system has been hacked?
That just makes no sense at all. :shock:

There's no big Linux distro that I know of, that respins its iso's in cases like this. As karlchen already indicated, the stability testing (against a wide range of hardware combinations) of the updated and respun iso's would simply take too much time and effort. Not to mention that this would have to be repeated over and over again, with each new vulnerability.

Not even a huge company like Microsoft does this for Windows, for the very same reason.

You're supposed to simply install the outdated iso and then immediately install all the available updates. That's enough for adequate security. What's the big deal?
Last edited by Pjotr on Fri Oct 28, 2016 5:41 pm, edited 1 time in total.
Tip: 10 things to do after installing Linux Mint 19.3 Tricia
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.

User avatar
trytip
Level 12
Level 12
Posts: 4207
Joined: Tue Jul 05, 2016 1:20 pm

Re: Dirty cow Exploit patches

Post by trytip »

the thing is people are so preoccupied with hackers getting their bank essentials from the hard drive they forget to actually protect themselves while online banking in a browser which is MUCH more vulnerable and being exploited as we speak.

@turtlebay
that link to the dirtycow news and most tech/social news sites have about 26 trackers and privacy violators that exploit the user by collecting personal data without any consent which is included in cookies or html canvas fingerprinting, webrtc ip tracking or flash player cookies. but none the less users give full permission to these tracking companies which can then access your medical history or purchases made online.
Image

deepakdeshp
Level 16
Level 16
Posts: 6448
Joined: Sun Aug 09, 2015 10:00 am

Re: Dirty cow Exploit patches

Post by deepakdeshp »

This has put billions of users at risj if you consider smart phones, raspberries,intelligent devices using the Kernel.

It is impssible to patch most of them as the users using them are not tech savy at all. The patches have to be pushed to these devices rather than the users installing them,as many will not be aware of this bug. Pushing the patches will have challenges and I dont think it will ever happen.

We are forced to admit that the bug not only bothers windows but also has hit Linux hard.
If I have helped you solve a problem, please add [SOLVED] to your first post title, it helps other users looking for help, and keeps the forum clean.
Regards,
Deepak

I am using Mint 19.3 Cinnamon 64 bit with AMD A8/7410 processor . Memory 8GB

User avatar
MartyMint
Level 5
Level 5
Posts: 951
Joined: Thu Dec 27, 2012 10:50 pm

Re: Dirty cow Exploit patches

Post by MartyMint »

trytip wrote:why are people so caught up in this dirty cow thing.

Because hysteria, that's why.

turtlebay
Level 5
Level 5
Posts: 630
Joined: Mon Apr 01, 2013 12:33 pm

Re: Dirty cow Exploit patches

Post by turtlebay »

Pjotr wrote:
You're supposed to simply install the outdated iso and then immediately install all the available updates. That's enough for adequate security. What's the big deal?
Ask yourself why it is recommended for newbies to only use Levels 1, 2, and 3 updates in the Newbie section. The new kernel is only offered in level 5.

I reiterate, why is it so difficult to replace the ISOs with the clean kernel? I ran through the easy way to do it, it wouldn't take one person an hour to do that and we'd know that we were putting out a clean ISO with a clean kernel.

It would also prove that the admin were trustworthy.

Cosmo.
Level 23
Level 23
Posts: 17827
Joined: Sat Dec 06, 2014 7:34 am

Re: Dirty cow Exploit patches

Post by Cosmo. »

A new ISO has to be carefully tested, this takes more time and more man-power. The other point is, that this only of limited use. Existing users would hardly like to do a fresh install because of updating the kernel, more or less short after an ISO has been released a newer kernel will be offered (and than? again a new installation?) and the Linux kernel tool in the update manager makes it very easy to install a newer version and is not dependent from the level settings.

User avatar
Lucap
Level 5
Level 5
Posts: 913
Joined: Tue May 24, 2016 1:40 am

Re: Dirty cow Exploit patches

Post by Lucap »

Linux kernel set to get live patching in release 3.20

http://www.theregister.co.uk/2015/02/11 ... ng_in_320/

Ksplice - allows security patches to be applied to a running kernel without the need for reboots.

https://en.wikipedia.org/wiki/Ksplice

Wonder why these never took off?

Post Reply

Return to “Software & Applications”