ALL SECURITY RELATED TOPICS ON IoT wILL BE POSTED THERE
>> DIRTY COW - LINUX KERNEL EXPLOIT, RISK FOR IOT?
It is scary to know that bug of this severity and so distributed can go
unhandled for so long.
I had a few people ask me about the
exploit and what it means to IoT; so, I figured it was worth a write up.
Dirty Cow, aka CVE 2016-5195 is a low level exploit in the Linux kernel
utilizes a race condition to break read-only memory mappings - allowing
users to gain write access to typically read-only memory mappings on the
system. In a matter of seconds; root based privileges could be
exposed on the target platform making it a hackers resource.
To see how quickly one could use this exploit to gain root access;
watch the following video:
In the traditional Linux world; the risk is low if you simply do not have
third party user accounts (other than your own) on your servers. If you do;
then keeping your kernel up-to-date is a must - in fact, a fix for the
exploit is a
measly few lines
of code. But the easiest way is to upgrade your kernel and patch the
vulnerability. There are a few sample programs that you can run to verify
that the exploit is fixed - available on
ranging from root exploits to modifying read-only files.
So; what about the IoT implications?
I mentioned only a few days ago the increased threat of 0-day exploits
existing operating systems
within your IoT projects. DirtyCow is a Linux specific exploit and there are
a tonne of products that utilize the Linux operating system that will be
vulnerable to this exploit - such as the very popular
Intel Edison IoT development boards. This doesn't include
the millions of CCTV cameras, DVR and routers that utilize Linux.
has announced a kernel patch - other hardware manufacturers should follow suit.
A key factor of this exploit does require a user account on the system where
the hacker will attempt to escalate privileges; but personally, with open
source quite common amongst IoT projects - the risk may be more cynical. It
wouldn't take much for someone to inject some code into open source projects
that goes unnoticed - maintainers of repositories need to watch commits
This doesn't even cover the more serious threat from the largest
mobile operating system available on the market -
with over 87.6% market share in 2016-Q2, the popular mobile platform Android.
Innocent users could have their mobile phones exploited with malicious code
injected into mobile applications that can be distributed by Google Play
or side-loaded - the
threat is real - the exploit started with version 2.6.22, Android 1.0 started
on version 2.6.25 - nasty.
Time for mobile phone manufactures (Samsung, Sony, LG et al) to roll
out kernel updates ASAP.
advertisement (self plug):
need assistance in an IoT project?
for a free consultation.
All content provided on this blog is for informational purposes only.
All comments are generated by users and moderated for inappropriateness periodically.
The owner will not be liable for any losses, injuries, or damages from
the display or use of this information.