A nine-year old vulnerability is finally revealed in the popular Linux platform which took everyone by surprise. This vulnerability has been nicknamed Dirty Cow and security experts have asserted that this was introduced as long as nine years but it went unnoticed for such a long. Linux operating is the most widely platform for variety of popular mechanism and platform as well. It lies behind the server on the internet as well it is present in all the Smartphone in one form or another. Dirty Cow as the name suggests can exploit any kind of mechanism through the process of copy-on-write. This has allowed hackers to gain privilege escalation on the Linux based system across the world.
Linux in a nutshell
Linux is a hugely popular open-source operating system which was first developed in 1991 and later on became a force against the Microsoft Windows operating system. Being open-source allows users to modify, install and reuse the Linux operating system without much problem. This has resulted in wide numbers of forked versions and quite incidentally it powers almost every server along with Android OS apart from a considerable number of Internet of Things products.
Dirty Cow bug has been officially named as CVE-2016-5195. A recent study report has stated that it takes about five years before any Linux Dirty Cow bug is found and fixed on this platform. This Dirty Cow bug offers privilege escalation wherein an attacker can easily get a large measure of control over any computer system and later on this control can be leveraged towards getting complete control.
How serious is Dirt Cow?
Research teams have warned the users on global scale about the seriousness of the Dirty Cow as it is not as simple as a day-to-day Dirty Cow bug. The danger issue rise from the Dirty Cow not because of its capability but the very reason that it has been successful in hiding from the eyes of security experts on global level for about a decade. For over nine this vulnerability has concealed itself in the coding and it must be present over millions of computers, websites and Smartphones globally.
Linux issues quick patches for Dirty Cow
This Dirty Cow bug has already been patched by Linux though quick security updates on a variety of Linux versions which includes Ubuntu, Debian and Red Hat. But there are a huge number of versions of Linux and providing patches for all the forked and embedded version of the operating system isn’t viable at all.
So goes true for the Android platform which is based on the Linux Kernel. Though a number of top end Android devices such as Samsung S series, Nexus and Pixel devices tend to get regular security updates but there are huge numbers of devices which still runs on age old Android operating system and doesn’t get latest security patches from Android.
So far Google has remained aloof from making any comments on this issue but it has issued security advisory to the Android partners to come with adequate security patches to protect the Android devices.