---

Linux Kernels 3.16.38, 3.12.66, 3.10.104, and 3.2.83 Patched Against “Dirty COW”

One day later, the maintainers of other supported Linux kernel branches patched the bug, which is dubbed by researchers as “Dirty COW” and documented as CVE-2016-5195. As such, today we’d like to inform those of running GNU/Linux distributions powered by kernels from the Linux 3.16, 3.12, 3.10, and 3.2 series that new updates are available for their systems. The “Dirty COW” vulnerability, which is tagged in the appended shortlogs of the new kernel versions mentioned above as “mm: remove gup_flags FOLL_WRITE games from __get_user_pages()”, was patched by Linus Torvalds himself. The security flaw could have allowed local users to write to any file they can read. In other words, a local attacker could have gained administrative privileges to the affected system.