Dirty COW (CVE-2016-5195) is a privilege escalation vulnerability that Linux Kernel has and exists since 2005. CVE stands for Common Vulnerabilities and Exposures).
The explanation why this can be referred as Dirty COW is as a result of a race condition that was found in Linux kernels memory subsystem, handled the copy-on-write (COW) breakage of private read-only memory mappings. That means that a local user that did not have the privilege, could use this flaw for gaining access to read only memory mappings.
It was recently discovered that the NVIDIA graphics drivers incorrectly sanitized user mode inputs. A local attacker could use this issue to possibly gain root privileges. What this means in summary is that NVIDIA graphics drivers could be made to run programs as an administrator. This vulnerability affects the following drivers:
nvidia-graphics-drivers-304 nvidia-graphics-drivers-304-updates nvidia-graphics-drivers-340 nvidia-graphics-drivers-340-updates nvidia-graphics-drivers-352 nvidia-graphics-drivers-352-updates vulnerability A security issue affects these releases of Ubuntu and its derivatives:
Find more details and update instructions:
Amazon Linux AMI: https://aws.amazon.com/amazon-linux-ami/security-bulletins/ALAS-2014-320/ Red Hat: https://rhn.redhat.com/errata/RHSA-2014-0376.html Ubuntu: http://www.ubuntu.com/usn/usn-2165-1/ For more information about this vulnerability, please visit
AWS Security Bulletin page: https://aws.amazon.com/security/security-bulletins/ OpenSSL’s official advisory: www.openssl.org/news/secadv_20140407.txt/ The Heartbleed Bug: http://heartbleed.com/ Verify VulnerabilityFilippo Valsorda’s online tool: [button link=”http://filippo.io/Heartbleed/” color=”primary” class=”sys_btn”]Filippo Valsorda’s online tool[/button]
Qualys online SSL scanner: [button link=”https://www.ssllabs.com/ssltest/” color=”primary” class=”sys_btn”]Qualys online SSL scanner[/button]
Google Chrome’s extension: [button link=”https://chrome.