Update your openSUSE very soon - Dirty Cow vulnerability

CVE-2016-5195

Is all the talk this past week…
When not stepped on by the IoT Dyn botnet attack.

This website including exploit code example (There are many more published examples of exploit code)
https://dirtycow.ninja/

Some highlights

  • Affects anything running on a Linux kernel since 2007 (I assume since approx kernel v2.5.x) and that includes Linux derivatives like Android. Curiously, BSD kernels and derivatives like Apple may not be affected.
  • Scope and impact - Elevation to “near” root permissions.

From what I can see, it looks like SUSE/openSUSE is on top of this, and should be pushing out the patch soon if not already, although the vulnerability is based on on the kernel version and not openSUSE version, openSUSE seems to be saying that “all” openSUSE is affected but lists only going back to 13.1 (maybe should be restated as “all currently supported?”), I’m sure that if anyone is still running something like 12.1/12.2/12.3 those would also be affected.
https://www.suse.com/security/cve/CVE-2016-5195.html

Curiously if someone is running an ancient (monolithic?) kernel, they might not be affected.

And, of course this almost certainly is just another attack vector for those same IoT devices that were used by the Mirai botnet attack on Dyn.

Bottom line, update your systems and make sure your kernel is replaced in one of those updates when it becomes available (assuming very, very soon). Don’t wait. And, if anyone is running an unsupported version of openSUSE, this makes the decision to upgrade and replace <absolutely> critical and not just “highly recommended.”

TSU

I take it 42.2 will be patched against it?. With Kernel 4.6

Of course it will. And no, with kernel 4.4

Sorry, my bad.

If you installed 42.2 RC1, then an update was released for this. Try running online updates. And no, not a 4.6 kernel.