We’ve received word of a vulnerability within the Linux operating system that will affect most of the versions in use on web servers across the globe (at the time of writing).

Known by its technical name of CVE-2016-5195, with the alias of ‘Dirty COW’, it is a privilege escalation vulnerability in the Linux Kernel that can allow a local user (like a web hosting account) to gain root access to the server.  This can also be a huge problem if your Magento store, web site or other software installation is compromised and the attacker has the ability to upload files to your server or hosting account.

The vulnerability is present in all major Linux Operating Systems and security researchers have detected in the wild (ITW) attacks even before security patches were released by the various operating systems.


How do I solve this problem?

Thankfully, the fix for this problem is relatively easy.  If you manage your own server, you will need to update the kernel (and reboot your server) once the security patch is issued by your operating system providers.  If you haven’t yet checked for a recent version of your OS, you need to do it now.

If you do not manage your own server or if you are using shared hosting, contact your server administrator or hosting provider to make sure that you are protected against this vulnerability.


Where can I find more information?

The following links are available for different operating systems, detailing the required responses – please follow them below;


OS Information link
CentOS/RedHat https://access.redhat.com/security/cve/cve-2016-5195
Debian https://security-tracker.debian.org/tracker/CVE-2016-5195
Ubuntu http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5195.html
SUSE https://www.suse.com/security/cve/CVE-2016-5195.html



Where can I get more help?

As always, if you need more help with this problem – please contact us.  If your web hosting is managed by us or one of our partners then you can rest assured that we are already dealing with, or likely by the time you read this, have dealt with the issue.