Linux users are advised to update their operating systems as soon as possible in order to prevent hackers from utilising a critical security flaw that lets them gain full root access within five seconds. The vulnerability has quietly existed undetected in almost every single version of the open source operating system for the last nine years.
The bug, known as CVE-2016-5195 or "Dirty Cow", is a privilege escalation vulnerability that is located in a section of the Linux kernel that has been included in almost every single distribution of the operating system in the last decade, according to Ars Technica.
The security flaw was patched on Thursday 20 October by the Linux Foundation. It is a big deal because it allows privilege escalation: an untrusted user who would ordinarily have only limited access to the read-only memory mappings on a computer would be able to gain write access that is granted only to highly privileged users.
With those privileges, an attacker could gain much greater control of the machine. Scarily, it is impossible to detect whether the exploit has been carried out against machines on your network, because it is very difficult to tell whether the privileges are being used legitimately by an administrator or not.
The bug can also be combined with other vulnerabilities to do even more damage. So where an SQL injection flaw on its own only allows hackers to run malicious code on a website as an untrusted user, combining that flaw with the privilege escalation bug can give attackers complete root access.
And since Linux is used to control web hosting servers, this means that one web hosting customer can attack another customer, or even the administrators of the web hosting service.
The vulnerability was found by Linux security researcher Phil Oester, who discovered it while examining a server that appeared to have been attacked. A website on the server had been compromised, but Oester had set his server to packet-capture all inbound HTTP traffic in order to find out how the compromise happened, and he discovered the exploit.
He extracted the exploit and tested it in a secure sandboxed environment, discovering that it is possible to gain root access to a targeted computer within five seconds.
"The exploit in the wild is trivial to execute, never fails and has probably been around for years – the version I obtained was compiled with gcc 4.8," Oester told V3. "As Linus [Torvalds] notes in his commit, this is an ancient bug and impacts kernels going back many years. All Linux users need to take this bug very seriously, and patch their systems ASAP."