Page 1 of 1
Dirty COW patch
Posted: 2017/04/07 12:32:31
by rosede
Was there ever a Dirty COW patch released for 6.8? If so, where would I get the patch?
Thanks
Daryl
Re: Dirty COW patch
Posted: 2017/04/07 14:06:05
by stevemowbray
Run "yum update" which will get you all the current patches and updates.
Re: Dirty COW patch
Posted: 2017/04/07 14:19:58
by MartinR
NB and also update you from 6.8 to 6.9.
Re: Dirty COW patch
Posted: 2017/05/25 05:12:06
by CaViCcHi
I think the patch came with kernel > 2.6.32.642 ?
so if you're running that or higher you're cool, otherwise yes
yum update kernel
Re: Dirty COW patch
Posted: 2019/01/09 23:25:18
by ccbamatx
I just got dirty cow'd with firefart... apparently the pokemon exploit of the dirtycow vulnerability.
Problem is, I am running on Centos 6.10 (Final).
Everything I have read suggests that there is no further upgrade path on Centos 6.
Will upgrading to Centos 7 patch this vulnerability?
https://github.com/FireFart/dirtycow/bl ... er/dirty.c
Re: Dirty COW patch
Posted: 2019/01/09 23:35:28
by TrevorH
It's already fixed and has been since
* Mon Oct 24 2016 Phillip Lougher <
plougher@redhat.com> [2.6.32-665.el6]
- [mm] close FOLL MAP_PRIVATE race (Larry Woodman) [1385117] {CVE-2016-5195}
https://access.redhat.com/security/cve/cve-2016-5195
https://access.redhat.com/errata/RHSA-2016:2105 says it was fixed in kernel-2.6.32-642.6.2.el6.x86_64.rpm
The current CentOS 6 kernel is kernel-2.6.32-754.9.1.el6.x86_64 and that output is from rpm -q --changelog. What does
uname -r say on the affected server? If it's less than 2.6.32-642.6.2 then it would have been vulnerable. If not then it wasn't.