JavaDevGuy
Posts: 9
Joined: Fri May 02, 2014 6:00 am

Dirty Cow bug fix in place?

Fri Oct 21, 2016 4:13 pm

Is there a fix for the 'dirty cow' bug in the Raspian code base? I have several devices running and this issue sounds like a serious one but I was not sure where I should look to find out about the latest patches. If you know where I can look for those please just let me know. Thanks.

User avatar
DougieLawson
Posts: 33621
Joined: Sun Jun 16, 2013 11:19 pm
Location: Basingstoke, UK
Contact: Website

Re: Dirty Cow bug fix in place?

Fri Oct 21, 2016 4:52 pm

sudo rpi-update includes a commit https://github.com/raspberrypi/linux/co ... 52b94d22fb that updates the COW processing in the 4.4.26 kernel.
Microprocessor, Raspberry Pi & Arduino Hacker
Mainframe database troubleshooter
MQTT Evangelist
Twitter: @DougieLawson

2012-18: 1B*5, 2B*2, B+, A+, Z, ZW, 3Bs*3, 3B+

Any DMs sent on Twitter will be answered next month.

ShiftPlusOne
Raspberry Pi Engineer & Forum Moderator
Raspberry Pi Engineer & Forum Moderator
Posts: 5240
Joined: Fri Jul 29, 2011 5:36 pm
Location: The unfashionable end of the western spiral arm of the Galaxy

Re: Dirty Cow bug fix in place?

Fri Oct 21, 2016 5:05 pm


JavaDevGuy
Posts: 9
Joined: Fri May 02, 2014 6:00 am

Re: Dirty Cow bug fix in place?

Sat Oct 22, 2016 12:59 am

Great news, thx... time to update!
DougieLawson wrote:sudo rpi-update includes a commit https://github.com/raspberrypi/linux/co ... 52b94d22fb that updates the COW processing in the 4.4.26 kernel.

miamia
Posts: 119
Joined: Sun Feb 02, 2014 12:16 pm

Re: Dirty Cow bug fix in place?

Sun Oct 23, 2016 7:10 am

DougieLawson wrote:sudo rpi-update includes a commit https://github.com/raspberrypi/linux/co ... 52b94d22fb that updates the COW processing in the 4.4.26 kernel.
Hi there, can I update Raspbian Wheezy with the same command?
Wheezy is 3.10.25+ kernel but Dougie commented that this fix is for 4.4.26.

fruitoftheloom
Posts: 17299
Joined: Tue Mar 25, 2014 12:40 pm

Re: Dirty Cow bug fix in place?

Sun Oct 23, 2016 7:49 am

miamia wrote:
DougieLawson wrote:sudo rpi-update includes a commit https://github.com/raspberrypi/linux/co ... 52b94d22fb that updates the COW processing in the 4.4.26 kernel.
Hi there, can I update Raspbian Wheezy with the same command?
Wheezy is 3.10.25+ kernel but Dougie commented that this fix is for 4.4.26.
Wheezy is end of life, but in Wheezy the only way to update kernel / firmware is to run:

Code: Select all

sudo rpi-update
So give it a try and hope !

Code: Select all

uname -a
Adieu

User avatar
rpdom
Posts: 12749
Joined: Sun May 06, 2012 5:17 am
Location: Ankh-Morpork

Re: Dirty Cow bug fix in place?

Sun Oct 23, 2016 7:59 am

This exploit only affects systems where the attacker can gain access (as any user) to run code directly. It isn't one where there is a "backdoor" method of gaining access.

If you have secured your Pi properly (at the very least change default the "pi" password), you're very unlikely to be affected.

If your haven't secured your Pi by changing the password and you have it connected directly to the internet (not via a router), you have a lot more to worry about than this exploit.

Most people will have routers that block incoming connections and should be safe.

wqtr3
Posts: 1
Joined: Sun Oct 23, 2016 7:10 pm

Re: Dirty Cow bug fix in place?

Sun Oct 23, 2016 7:50 pm

rpdom wrote:This exploit only affects systems where the attacker can gain access (as any user) to run code directly. It isn't one where there is a "backdoor" method of gaining access.
This is a pretty dumb statement. Dirty Cow allows any local user to gain root privileges. Bad enough.
I don't know what your understanding of security is. If somebody compromises my web server (let's say, a
remote code execution backdoor or bug), yes, this person
could (under normal circumstances) probably delete some/most of my website, look at all my www files, but
would not be able to reboot or load a kernel driver or whatever root can do and others can't.
He couldn't even steal my private keys!
If you have secured your Pi properly (at the very least change default the "pi" password), you're very unlikely to be affected.
Wow, this is 2016 and the only security measure we need is change the default password. And then
we call this "properly securing your pi".
You're probably using a properly secured Windows XP and Ubuntu in a VM and are part of the big
DDoS attacks we could see in the past few months without even knowing...

This bug is already exploited in the wild! This is how they spotted it.
It took my raspberry pi offline and I wait for a kernel update or maybe I'll go through the pain and build it myself.

I hope a fix comes soon, it's literally two lines. Is this so hard to do? Or is this too much to ask for?

jdb
Raspberry Pi Engineer & Forum Moderator
Raspberry Pi Engineer & Forum Moderator
Posts: 1783
Joined: Thu Jul 11, 2013 2:37 pm

Re: Dirty Cow bug fix in place?

Mon Oct 24, 2016 3:00 pm

wqtr3: read the github issue. rpi-update contains the fix, the raspberrypi-kernel package will be updated in due course.
Rockets are loud.
https://astro-pi.org

ShiftPlusOne
Raspberry Pi Engineer & Forum Moderator
Raspberry Pi Engineer & Forum Moderator
Posts: 5240
Joined: Fri Jul 29, 2011 5:36 pm
Location: The unfashionable end of the western spiral arm of the Galaxy

Re: Dirty Cow bug fix in place?

Mon Oct 24, 2016 3:05 pm

It has been pushed already. It's just that it take a little while for it to show up in the repo.

User avatar
micksulley
Posts: 134
Joined: Sat Mar 03, 2012 11:48 am
Location: Melton Mowbray, England

Re: Dirty Cow bug fix in place?

Tue Oct 25, 2016 1:13 pm

I have several pi's and have just tried to update them all
sudo apt-get update
sudo apt-get upgrade
sudo apt-get dist-upgrade
sudo apt-get install raspberrypi-kernel

All but one are fine, but on that one I get
E: Unable to locate package raspberrypi-kernel

On that one I also ran
sudo rpi-update
but I still get the same problem

Any idea how to fix this?

ShiftPlusOne
Raspberry Pi Engineer & Forum Moderator
Raspberry Pi Engineer & Forum Moderator
Posts: 5240
Joined: Fri Jul 29, 2011 5:36 pm
Location: The unfashionable end of the western spiral arm of the Galaxy

Re: Dirty Cow bug fix in place?

Tue Oct 25, 2016 1:19 pm

micksulley wrote:I have several pi's and have just tried to update them all
sudo apt-get update
sudo apt-get upgrade
sudo apt-get dist-upgrade
sudo apt-get install raspberrypi-kernel

All but one are fine, but on that one I get
E: Unable to locate package raspberrypi-kernel

On that one I also ran
sudo rpi-update
but I still get the same problem

Any idea how to fix this?
Output of 'apt-cache policy'?

User avatar
micksulley
Posts: 134
Joined: Sat Mar 03, 2012 11:48 am
Location: Melton Mowbray, England

Re: Dirty Cow bug fix in place?

Tue Oct 25, 2016 1:49 pm

Code: Select all

[email protected] ~ $ apt-cache policy
Package files:
 100 /var/lib/dpkg/status
     release a=now
 500 http://archive.raspberrypi.org/debian/ wheezy/main armhf Packages
     release o=Raspberry Pi Foundation,a=oldstable,n=wheezy,l=Raspberry Pi Foundation,c=main
     origin archive.raspberrypi.org
 500 http://raspberrypi.collabora.com/ wheezy/rpi armhf Packages
     release o=Collabora,n=wheezy,l=Collabora Raspberry Pi graphics enablement,c=rpi
     origin raspberrypi.collabora.com
 500 http://mirrordirector.raspbian.org/raspbian/ wheezy/rpi armhf Packages
     release v=7.0,o=Raspbian,a=oldstable,n=wheezy,l=Raspbian,c=rpi
     origin mirrordirector.raspbian.org
 500 http://mirrordirector.raspbian.org/raspbian/ wheezy/non-free armhf Packages
     release v=7.0,o=Raspbian,a=oldstable,n=wheezy,l=Raspbian,c=non-free
     origin mirrordirector.raspbian.org
 500 http://mirrordirector.raspbian.org/raspbian/ wheezy/contrib armhf Packages
     release v=7.0,o=Raspbian,a=oldstable,n=wheezy,l=Raspbian,c=contrib
     origin mirrordirector.raspbian.org
 500 http://mirrordirector.raspbian.org/raspbian/ wheezy/main armhf Packages
     release v=7.0,o=Raspbian,a=oldstable,n=wheezy,l=Raspbian,c=main
     origin mirrordirector.raspbian.org
Pinned packages:
[email protected] ~ $ 

ShiftPlusOne
Raspberry Pi Engineer & Forum Moderator
Raspberry Pi Engineer & Forum Moderator
Posts: 5240
Joined: Fri Jul 29, 2011 5:36 pm
Location: The unfashionable end of the western spiral arm of the Galaxy

Re: Dirty Cow bug fix in place?

Tue Oct 25, 2016 2:00 pm

We don't support wheezy. rpi-update alone should be enough to fix the bug, but I can't promise that it will work.

User avatar
micksulley
Posts: 134
Joined: Sat Mar 03, 2012 11:48 am
Location: Melton Mowbray, England

Re: Dirty Cow bug fix in place?

Tue Oct 25, 2016 2:26 pm

I'm not sure how this has happened, I looked at the others as well and they are Jessie. How can I upgrade this one to Jessie? I tried
sudo apt-get dist-upgrade
but it says nothing to upgrade.

ShiftPlusOne
Raspberry Pi Engineer & Forum Moderator
Raspberry Pi Engineer & Forum Moderator
Posts: 5240
Joined: Fri Jul 29, 2011 5:36 pm
Location: The unfashionable end of the western spiral arm of the Galaxy

Re: Dirty Cow bug fix in place?

Tue Oct 25, 2016 2:29 pm

Make sure you have a backup before you start.
viewtopic.php?f=66&t=121880


klricks
Posts: 5778
Joined: Sat Jan 12, 2013 3:01 am
Location: Grants Pass, OR, USA
Contact: Website

Re: Dirty Cow bug fix in place?

Wed Oct 26, 2016 12:26 pm

micksulley wrote:.........
sudo apt-get install raspberrypi-kernel

All but one are fine, but on that one I get
E: Unable to locate package raspberrypi-kernel

On that one I also ran
sudo rpi-update
but I still get the same problem

Any idea how to fix this?
Do not do that command. It's not needed even if it did work.
Simply do the following and the new kernel will be installed.

Code: Select all

sudo apt-get update
sudo apt-get upgrade
Unless specified otherwise my response is based on the latest and fully updated Raspbian Stretch w/ Desktop OS.

Return to “Raspbian”

Who is online

Users browsing this forum: gennargiu, Rasilon and 16 guests