Alvorlig sikkerhedsfejl i kernen. Dirty Cow - privilege escalation.

[lath]

.

Den korte version:

• Dirty Cow fejlen er en fejl i (Linux) kernens copy-on-write metode. Fejlen giver superbrugerrettigheder til et program hvis programmet udnytter fejlen (en race condition) i kernens copy-on-write funktion.
• Når der kommer en opdatering af kernen, så skal du straks og omgående installere den, og så reboote!.
• Bemærk at dine routere WiFi hotspots, Android mobiler, og Android tablets også er ramt af fejlen sålænge kernen i de enheder ikke er opdateret
  
  • Afinstaller alle apps der har tjernobyl rettigheder, hvor ...
    Tjernobyl rettigheder er flere rettigheder end en app behøver at have til det den skal lave.
• Du bliver - på grund af fejlen - nødt til at antage at din Ubuntu box (og alt hvad du ellers har) er koblet direkte (sådan da) på internettet, fordi ...
  
  • Din routers firewall er en hullet si, hvis en cracker ude fra det vilde internet kan bliver superbrugeren på din router og så deaktivere routerens firewall.
  • så derfor ...
  • Aktiver firewallen på din Ubuntu box, hvis du ikke allerede har gjort det.

Den lange version (engelsk):

Dubbed Dirty COW, the privilege-escalation vulnerability potentially allows any installed application, or malicious code smuggled onto a box, to gain root-level access and completely hijack the device.

The programming bug gets its name from the copy-on-write mechanism in the Linux kernel; the implementation is so broken, programs can set up a race condition to tamper with what should be a read-only root-owned executable mapped into memory. The changes are then committed to storage, allowing a non-privileged user to alter root-owned files and setuid executables – and at this point, it's game over.

While the flaw is not by itself a gravely serious or uncommon condition – Microsoft fixes priv-esc bugs in Windows practically every month – this vulnerability could prove particularly troublesome: it has been present in the Linux kernel since version 2.6.22 in 2007, and it is very easy to reliably exploit. We're told it is also present in Android, which is powered by the Linux kernel.

Crucially, exploit code to gain administrative control of devices is being used in the wild against internet-facing systems. And a version is now available to infosec professionals. A non-complete proof-of-concept version can be found here that tampers with a file that only root should be able to edit.

... fra The Register: http://www.theregister.co.uk/2016/10/21/linux_privilege_escalation_hole/

Linus Torvalds om fejlen (git commit kommentar):
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619

/Lars