Slackware This Forum is for the discussion of Slackware Linux.
|
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
|
10-21-2016, 11:40 AM
|
#1
|
Guru
Registered: Mar 2004
Location: Canada
Distribution: Slackware (desktops), Void (thinkpad)
Posts: 7,430
|
Dirty cow kernel exploit
Reading about this today. I'm guessing we'll have a patch for this kernel exploit in the near future. Are we vulnerable to this?
http://www.theregister.co.uk/2016/10...calation_hole/
|
|
|
10-21-2016, 12:49 PM
|
#2
|
LQ Veteran
Registered: May 2008
Posts: 7,067
|
Yes, I think it's safe to assume that if you're using one of the currently shipping slackware kernels you're vulnerable. This thing sounds like it's been lurking in the kernel for the best part of a decade.
The fix is included in the latest kernel.org releases (though judging by some of the comments in the lwn thread it looks like they tried to slip it in under the radar, which is not at-all good!):
http://lwn.net/Articles/704078/
I don't use Pat's kernels, and have already updated to 4.8.3 because of this.
Last edited by GazL; 10-22-2016 at 05:48 AM.
|
|
3 members found this post helpful.
|
10-21-2016, 01:27 PM
|
#3
|
Guru
Registered: Mar 2004
Location: Canada
Distribution: Slackware (desktops), Void (thinkpad)
Posts: 7,430
Original Poster
|
Quote:
Originally Posted by GazL
Yes, I think it's safe to assume that if you're using one of the currently shipping slackware kernels you're vulnerable.
|
Thanks mate! I'll be booting into my BSD partition until this is dealt with.
|
|
|
10-21-2016, 02:02 PM
|
#4
|
Member
Registered: Nov 2008
Location: US
Distribution: slackware
Posts: 809
|
From what I have seen, this is a local exploit. Am I wrong ?
Granted it is serious, but for workstation use I would say nothing to worry about if you trust your users (or yourself if single user )
John
|
|
3 members found this post helpful.
|
10-21-2016, 03:23 PM
|
#5
|
LQ Veteran
Registered: May 2008
Posts: 7,067
|
The concern is that an exploit for this vulnerability may be included in the payload of an unrelated web-browser, media player, java, flashplayer, pdf-reader, etc. exploit. The upshot being that until this is patched you're effectively flying without your usual "Well, at least I'm not root" safety-net.
|
|
5 members found this post helpful.
|
10-21-2016, 05:08 PM
|
#6
|
Guru
Registered: Mar 2004
Location: Canada
Distribution: Slackware (desktops), Void (thinkpad)
Posts: 7,430
Original Poster
|
Quote:
Originally Posted by GazL
The concern is that an exploit for this vulnerability may be included in the payload of an unrelated web-browser, media player, java, flashplayer, pdf-reader, etc. exploit. The upshot being that until this is patched you're effectively flying without your usual "Well, at least I'm not root" safety-net.
|
Thanks for the clarification.
|
|
1 members found this post helpful.
|
10-21-2016, 06:23 PM
|
#7
|
Senior Member
Registered: Jan 2008
Location: Urbana IL
Distribution: Slackware, Slacko,
Posts: 3,716
|
The only people that know or known about that exploit are the people that test against it. Those people are part of the kernel team look it up.
so this is why linus never talks about these problems. Why should his best hackers work for him. relax. Let the cow come home.
|
|
2 members found this post helpful.
|
10-21-2016, 07:25 PM
|
#8
|
LQ Newbie
Registered: Mar 2014
Posts: 26
Rep:
|
Quote:
Originally Posted by Drakeo
The only people that know or known about that exploit are the people that test against it. Those people are part of the kernel team look it up.
so this is why linus never talks about these problems. Why should his best hackers work for him. relax. Let the cow come home.
|
There's probably more problems in the linux kernel than we want to know. They said this exploit has been in the linux kernel for the past 9 years.
|
|
1 members found this post helpful.
|
10-21-2016, 07:27 PM
|
#9
|
Guru
Registered: Mar 2004
Location: Canada
Distribution: Slackware (desktops), Void (thinkpad)
Posts: 7,430
Original Poster
|
Quote:
Originally Posted by Drakeo
relax. Let the cow come home.
|
Thanks for your concern. I'm okay.
|
|
1 members found this post helpful.
|
10-21-2016, 08:45 PM
|
#10
|
Senior Member
Registered: Apr 2009
Location: McKinney, Texas
Distribution: Slackware64 15.0
Posts: 3,860
|
According to the initial article, if /proc/self/mem is writable then you can be exploited.
|
|
|
10-21-2016, 08:55 PM
|
#11
|
Senior Member
Registered: Jan 2008
Location: Urbana IL
Distribution: Slackware, Slacko,
Posts: 3,716
|
"how do you write to mem" According to the initial article, if /proc/self/mem is writable then you can be exploited. Let me explain how to write to mem. you must be 0. That means sitting at your computer. Buffer over flow oh you think that is happening mmmmm chew on some grass look at the code it is open. if you use ubuntu better watch out. sheep chewing.
|
|
|
10-21-2016, 09:10 PM
|
#12
|
Guru
Registered: Mar 2004
Location: Canada
Distribution: Slackware (desktops), Void (thinkpad)
Posts: 7,430
Original Poster
|
Quote:
Originally Posted by Drakeo
if you use ubuntu better watch out. sheep chewing.
|
Ubuntu has offered a patch for the vulnerability.
|
|
|
10-21-2016, 09:21 PM
|
#13
|
Member
Registered: May 2010
Location: Stumptown
Distribution: Slackware64
Posts: 583
|
Quote:
Originally Posted by Drakeo
"how do you write to mem" According to the initial article, if /proc/self/mem is writable then you can be exploited. Let me explain how to write to mem. you must be 0. That means sitting at your computer. Buffer over flow oh you think that is happening mmmmm chew on some grass look at the code it is open. if you use ubuntu better watch out. sheep chewing.
|
Is that supposed to be a poem? Are we not all sheep for continuing to use The Torvalds kernel? How many of these are lurking in the deep? Answer: we may never know thanks to his design philosophy.
|
|
1 members found this post helpful.
|
10-21-2016, 10:15 PM
|
#14
|
Senior Member
Registered: Apr 2009
Location: McKinney, Texas
Distribution: Slackware64 15.0
Posts: 3,860
|
Quote:
Originally Posted by Drakeo
"how do you write to mem" According to the initial article, if /proc/self/mem is writable then you can be exploited. Let me explain how to write to mem. you must be 0. That means sitting at your computer. Buffer over flow oh you think that is happening mmmmm chew on some grass look at the code it is open. if you use ubuntu better watch out. sheep chewing.
|
The article described the exploit rather well.
Unlike your comment.
|
|
1 members found this post helpful.
|
10-22-2016, 01:13 AM
|
#15
|
Senior Member
Registered: May 2008
Location: Romania
Distribution: DARKSTAR Linux 2008.1
Posts: 2,727
|
The Dirty COW shit was cleaned up on 4.4.26.
Upgrade yourself to, or come all of yours with loaded guns on Pat's virtual porch, to ask him to be kind do it.
Last edited by Darth Vader; 10-22-2016 at 01:15 AM.
|
|
|
All times are GMT -5. The time now is 03:08 AM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|