Organisations and individuals have been urged to patch Linux servers immediately or risk falling victim to exploits for a Linux kernel security flaw dubbed ‘Dirty COW’. This follows a warning from open source software vendor Red Hat that the flaw is being exploited in the wild. Phil Oester, the Linux security researcher who uncovered the flaw, explained to V3 that the exploit is easy to execute and will almost certainly become more widely used. “The exploit in the wild is trivial to execute, never fails and has probably been around for years – the version I obtained was compiled with gcc 4.8,” he said. “As Linus [Torvalds] notes in his commit, this is an ancient bug and impacts kernels going back many years. All Linux users need to take this bug very seriously, and patch their systems ASAP.” Oester said that he uncovered the exploit for the bug, which has been around since 2007, while examining a server that appeared to have been attacked.
Submitted by: Arnfried Walbrecht