{"id":16510,"date":"2016-10-21T17:06:34","date_gmt":"2016-10-21T22:06:34","guid":{"rendered":"http:\/\/bucktownbell.com\/?p=16510"},"modified":"2016-10-23T18:15:57","modified_gmt":"2016-10-23T23:15:57","slug":"most-serious-linux-privilege-escalation-bug-ever-is-under-active-exploit-updated","status":"publish","type":"post","link":"http:\/\/bucktownbell.com\/?p=16510","title":{"rendered":"\u201cMost serious\u201d Linux privilege-escalation bug ever is under active exploit"},"content":{"rendered":"<blockquote><p>The vulnerability, a\u00a0variety known as a race condition, was found in the way Linux memory handles a duplication technique called <a href=\"https:\/\/en.wikipedia.org\/wiki\/Copy-on-write\">copy on write<\/a>. Untrusted users can exploit it to gain highly privileged write-access rights to memory mappings that would normally be read-only. More technical details about the vulnerability and exploit are available <a href=\"https:\/\/access.redhat.com\/security\/vulnerabilities\/2706661\">here<\/a>, <a href=\"https:\/\/bugzilla.redhat.com\/show_bug.cgi?id=1384344#c16\">here<\/a>, and <a href=\"https:\/\/github.com\/dirtycow\/dirtycow.github.io\/wiki\/VulnerabilityDetails\">here<\/a>. Using the acronym derived from copy on write, some researchers have dubbed the vulnerability Dirty COW.<\/p><\/blockquote>\n<p>Source: <em><a href=\"http:\/\/arstechnica.com\/security\/2016\/10\/most-serious-linux-privilege-escalation-bug-ever-is-under-active-exploit\/\">\u201cMost serious\u201d Linux privilege-escalation bug ever is under active exploit (updated)<\/a><\/em><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The vulnerability, a\u00a0variety known as a race condition, was found in the way Linux memory handles a duplication technique called copy on write. Untrusted users can exploit it to gain highly privileged write-access rights to memory mappings that would normally &hellip; <a href=\"http:\/\/bucktownbell.com\/?p=16510\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[35],"tags":[942,1125,61,698],"class_list":["post-16510","post","type-post","status-publish","format-standard","hentry","category-operating-systems","tag-bugs","tag-exploit-vector","tag-linux","tag-security-research"],"_links":{"self":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts\/16510","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=16510"}],"version-history":[{"count":2,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts\/16510\/revisions"}],"predecessor-version":[{"id":16517,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=\/wp\/v2\/posts\/16510\/revisions\/16517"}],"wp:attachment":[{"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=16510"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=16510"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/bucktownbell.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=16510"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}