Page 1 of 1

Dirty COW patch

Posted: 2017/04/07 12:32:31
by rosede
Was there ever a Dirty COW patch released for 6.8? If so, where would I get the patch?

Thanks

Daryl

Re: Dirty COW patch

Posted: 2017/04/07 14:06:05
by stevemowbray
Run "yum update" which will get you all the current patches and updates.

Re: Dirty COW patch

Posted: 2017/04/07 14:19:58
by MartinR
NB and also update you from 6.8 to 6.9.

Re: Dirty COW patch

Posted: 2017/05/25 05:12:06
by CaViCcHi
I think the patch came with kernel > 2.6.32.642 ?

so if you're running that or higher you're cool, otherwise yes

yum update kernel

Re: Dirty COW patch

Posted: 2019/01/09 23:25:18
by ccbamatx
I just got dirty cow'd with firefart... apparently the pokemon exploit of the dirtycow vulnerability.

Problem is, I am running on Centos 6.10 (Final).

Everything I have read suggests that there is no further upgrade path on Centos 6.

Will upgrading to Centos 7 patch this vulnerability?

https://github.com/FireFart/dirtycow/bl ... er/dirty.c

Re: Dirty COW patch

Posted: 2019/01/09 23:35:28
by TrevorH
It's already fixed and has been since
* Mon Oct 24 2016 Phillip Lougher <plougher@redhat.com> [2.6.32-665.el6]
- [mm] close FOLL MAP_PRIVATE race (Larry Woodman) [1385117] {CVE-2016-5195}
https://access.redhat.com/security/cve/cve-2016-5195
https://access.redhat.com/errata/RHSA-2016:2105 says it was fixed in kernel-2.6.32-642.6.2.el6.x86_64.rpm

The current CentOS 6 kernel is kernel-2.6.32-754.9.1.el6.x86_64 and that output is from rpm -q --changelog. What does uname -r say on the affected server? If it's less than 2.6.32-642.6.2 then it would have been vulnerable. If not then it wasn't.