Attention,

A recent exploit known as Dirty Cow has been discovered that affects Linux servers. You can find information regarding this exploit at;

If you have KernelCare, your server should already be patched at this time. To check that KernelCare has patched your server, run the following command.

/usr/bin/kcarectl --info 

Your server is patched if you see a kernel update that was built on either October 21st or 22nd, depending on your OS.

If you do not have KernelCare but wish to add it to your server, you can do so by following the instructions here: https://www.kernelcare.com/try_it/install.php

There is no patch for CentOS at this time. When a patch is available, we will push it to all of our managed customers and update this article accordingly. Once we push the patch, each customer will still need to reboot their server themselves for the patch to take effect.

Please follow the instructions below to check and patch your server for this vulnerability.

Check Vulnerability

Ubuntu/Debian

To find out if your server is affected, check your kernel version.

uname -rv

You’ll see output like this:

 
4.4.0-42-generic #62-Ubuntu SMP Fri Oct 7 23:11:45 UTC 2016 

If your version is earlier than the following, you are affected:

  • 4.8.0-26.28 for Ubuntu 16.10
  • 4.4.0-45.66 for Ubuntu 16.04 LTS
  • 3.13.0-100.147 for Ubuntu 14.04 LTS
  • 3.2.0-113.155 for Ubuntu 12.04 LTS
  • 3.16.36-1+deb8u2 for Debian 8
  • 3.2.82-1 for Debian 7
  • 4.7.8-1 for Debian unstable

CentOS

If you’re on CentOS, you can use this script provided by Red Hat to test whether your server is vulnerable. To do so, first download the script.

wget https://access.redhat.com/sites/default/files/rh-cve-2016-5195_1.sh

Then run it with bash.

bash rh-cve-2016-5195_1.sh

If you’re vulnerable, you’ll see output like this:

Your kernel is 3.10.0-327.36.1.el7.x86_64 which IS vulnerable.

If your version is earlier than the following, you are affected:

  • 2.6.32-642.6.2 for CentOS 6
  • 3.10.0-327.36.3 for CentOS 7
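
The "earlier than" comparison from the two version lists above, written as a shell check (an added example, not part of the original article or Red Hat's script). The function names are hypothetical; it handles Ubuntu and CentOS version strings and reports Debian as unknown, because suffixes such as +deb8u2 need dpkg --compare-versions.

```sh
# Added example, not from the original article; function names are hypothetical.

# Map `uname -rv` output to the package-style version used in the lists above.
#   Ubuntu: "4.4.0-42-generic #62-Ubuntu SMP ..."   -> 4.4.0-42.62
#   CentOS: "3.10.0-327.36.1.el7.x86_64 #1 SMP ..." -> 3.10.0-327.36.1
kernel_pkg_version() {
    release=${1%% *}   # first word: uname -r
    build=${1#* }      # remainder: uname -v
    case $build in
        *Debian*) return 1 ;;                  # needs dpkg --compare-versions
        '#'[0-9]*-Ubuntu*)
            upload=${build#?}                  # drop the leading '#'
            upload=${upload%%-*}               # keep the upload number (62)
            v="${release%-*}.${upload}" ;;     # drop the flavour (-generic)
        *)  v=${release%%.el[0-9]*} ;;         # drop ".el7.x86_64"
    esac
    case $v in ''|*[!0-9.-]*) return 1 ;; esac # refuse anything non-numeric
    printf '%s\n' "$v"
}

# Succeed if version $1 is older than $2. Fields are compared as numbers,
# so 98 sorts before 100 (a plain string comparison would get this wrong).
version_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, x, /[.-]/); nb = split(b, y, /[.-]/)
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            if (x[i] + 0 < y[i] + 0) exit 0
            if (x[i] + 0 > y[i] + 0) exit 1
        }
        exit 1
    }'
}

# $1: output of `uname -rv`; $2: fixed version for your release from the list.
dirtycow_check() {
    running=$(kernel_pkg_version "$1") || { echo "unknown"; return 2; }
    if version_lt "$running" "$2"; then echo "affected"; else echo "not affected"; fi
}

# Sample input: the uname -rv output shown earlier, checked as Ubuntu 16.04.
dirtycow_check "4.4.0-42-generic #62-Ubuntu SMP Fri Oct 7 23:11:45 UTC 2016" "4.4.0-45.66"
```

On a live server, pass "$(uname -rv)" as the first argument. uname reports the booted kernel, so a server live-patched by KernelCare still shows as affected here; use kcarectl --info for those.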

Fix Vulnerability

Ubuntu/Debian

Update and upgrade your packages using apt-get.

sudo apt-get update && sudo apt-get dist-upgrade

You’ll need to reboot your server to apply the changes.

sudo reboot

CentOS 6.x and 7.x (no patch available for CentOS 5.x at this time)

To Patch:

yum update -y 
reboot

Test that the new kernel is loaded correctly:

bash rh-cve-2016-5195_1.sh 
Your kernel is 3.10.0-327.36.3.el7.x86_64 which is NOT vulnerable.

If you have any questions regarding your server or would like our assistance, please open a trouble ticket at https://my.hivelocity.net/login/
