JavaDevGuy
Posts: 9
Joined: Fri May 02, 2014 6:00 am

Dirty Cow bug fix in place?

Fri Oct 21, 2016 4:13 pm

Is there a fix for the 'dirty cow' bug in the Raspian code base? I have several devices running and this issue sounds like a serious one but I was not sure where I should look to find out about the latest patches. If you know where I can look for those please just let me know. Thanks.

User avatar
DougieLawson
Posts: 30431
Joined: Sun Jun 16, 2013 11:19 pm
Location: Basingstoke, UK
Contact: Website

Re: Dirty Cow bug fix in place?

Fri Oct 21, 2016 4:52 pm

sudo rpi-update includes a commit https://github.com/raspberrypi/linux/co ... 52b94d22fb that updates the COW processing in the 4.4.26 kernel.
Microprocessor, Raspberry Pi & Arduino Hacker
Mainframe database troubleshooter
MQTT Evangelist
Twitter: @DougieLawson

Since 2012: 1B*5, 2B*2, B+, A+, Zero*2, 3B*3

Please post ALL technical questions on the forum. Do not send private messages.

ShiftPlusOne
Raspberry Pi Engineer & Forum Moderator
Raspberry Pi Engineer & Forum Moderator
Posts: 4738
Joined: Fri Jul 29, 2011 5:36 pm
Location: The unfashionable end of the western spiral arm of the Galaxy

Re: Dirty Cow bug fix in place?

Fri Oct 21, 2016 5:05 pm


JavaDevGuy
Posts: 9
Joined: Fri May 02, 2014 6:00 am

Re: Dirty Cow bug fix in place?

Sat Oct 22, 2016 12:59 am

Great news, thx... time to update!
DougieLawson wrote:sudo rpi-update includes a commit https://github.com/raspberrypi/linux/co ... 52b94d22fb that updates the COW processing in the 4.4.26 kernel.

miamia
Posts: 119
Joined: Sun Feb 02, 2014 12:16 pm

Re: Dirty Cow bug fix in place?

Sun Oct 23, 2016 7:10 am

DougieLawson wrote:sudo rpi-update includes a commit https://github.com/raspberrypi/linux/co ... 52b94d22fb that updates the COW processing in the 4.4.26 kernel.
Hi there, can I update Raspbian Wheezy with the same command?
Wheezy is 3.10.25+ kernel but Dougie commented that this fix is for 4.4.26.

User avatar
fruitoftheloom
Posts: 15065
Joined: Tue Mar 25, 2014 12:40 pm
Location: Bognor Regis UK

Re: Dirty Cow bug fix in place?

Sun Oct 23, 2016 7:49 am

miamia wrote:
DougieLawson wrote:sudo rpi-update includes a commit https://github.com/raspberrypi/linux/co ... 52b94d22fb that updates the COW processing in the 4.4.26 kernel.
Hi there, can I update Raspbian Wheezy with the same command?
Wheezy is 3.10.25+ kernel but Dougie commented that this fix is for 4.4.26.
Wheezy is end of life, but in Wheezy the only way to update kernel / firmware is to run:

Code: Select all

sudo rpi-update
So give it a try and hope !

Code: Select all

uname -a
My only "PC" is an Asus ChromeBit running ChromeOS, cloudcentric at its best !
Rockchip Quad-Core RK3288C SoC as used in ASUS Chromebook C201 & Chromebook Flip C100PA as well as the Tinker SBC.
3 Mobile Huawei E5330 Mobile Mi-Fi

User avatar
rpdom
Posts: 11824
Joined: Sun May 06, 2012 5:17 am
Location: Essex, UK

Re: Dirty Cow bug fix in place?

Sun Oct 23, 2016 7:59 am

This exploit only affects systems where the attacker can gain access (as any user) to run code directly. It isn't one where there is a "backdoor" method of gaining access.

If you have secured your Pi properly (at the very least change default the "pi" password), you're very unlikely to be affected.

If your haven't secured your Pi by changing the password and you have it connected directly to the internet (not via a router), you have a lot more to worry about than this exploit.

Most people will have routers that block incoming connections and should be safe.

wqtr3
Posts: 1
Joined: Sun Oct 23, 2016 7:10 pm

Re: Dirty Cow bug fix in place?

Sun Oct 23, 2016 7:50 pm

rpdom wrote:This exploit only affects systems where the attacker can gain access (as any user) to run code directly. It isn't one where there is a "backdoor" method of gaining access.
This is a pretty dumb statement. Dirty Cow allows any local user to gain root privileges. Bad enough.
I don't know what your understanding of security is. If somebody compromises my web server (let's say, a
remote code execution backdoor or bug), yes, this person
could (under normal circumstances) probably delete some/most of my website, look at all my www files, but
would not be able to reboot or load a kernel driver or whatever root can do and others can't.
He couldn't even steal my private keys!
If you have secured your Pi properly (at the very least change default the "pi" password), you're very unlikely to be affected.
Wow, this is 2016 and the only security measure we need is change the default password. And then
we call this "properly securing your pi".
You're probably using a properly secured Windows XP and Ubuntu in a VM and are part of the big
DDoS attacks we could see in the past few months without even knowing...

This bug is already exploited in the wild! This is how they spotted it.
It took my raspberry pi offline and I wait for a kernel update or maybe I'll go through the pain and build it myself.

I hope a fix comes soon, it's literally two lines. Is this so hard to do? Or is this too much to ask for?

jdb
Raspberry Pi Engineer & Forum Moderator
Raspberry Pi Engineer & Forum Moderator
Posts: 1704
Joined: Thu Jul 11, 2013 2:37 pm

Re: Dirty Cow bug fix in place?

Mon Oct 24, 2016 3:00 pm

wqtr3: read the github issue. rpi-update contains the fix, the raspberrypi-kernel package will be updated in due course.
Rockets are loud.
https://astro-pi.org

ShiftPlusOne
Raspberry Pi Engineer & Forum Moderator
Raspberry Pi Engineer & Forum Moderator
Posts: 4738
Joined: Fri Jul 29, 2011 5:36 pm
Location: The unfashionable end of the western spiral arm of the Galaxy

Re: Dirty Cow bug fix in place?

Mon Oct 24, 2016 3:05 pm

It has been pushed already. It's just that it take a little while for it to show up in the repo.

User avatar
micksulley
Posts: 122
Joined: Sat Mar 03, 2012 11:48 am
Location: Melton Mowbray, England

Re: Dirty Cow bug fix in place?

Tue Oct 25, 2016 1:13 pm

I have several pi's and have just tried to update them all
sudo apt-get update
sudo apt-get upgrade
sudo apt-get dist-upgrade
sudo apt-get install raspberrypi-kernel

All but one are fine, but on that one I get
E: Unable to locate package raspberrypi-kernel

On that one I also ran
sudo rpi-update
but I still get the same problem

Any idea how to fix this?

ShiftPlusOne
Raspberry Pi Engineer & Forum Moderator
Raspberry Pi Engineer & Forum Moderator
Posts: 4738
Joined: Fri Jul 29, 2011 5:36 pm
Location: The unfashionable end of the western spiral arm of the Galaxy

Re: Dirty Cow bug fix in place?

Tue Oct 25, 2016 1:19 pm

micksulley wrote:I have several pi's and have just tried to update them all
sudo apt-get update
sudo apt-get upgrade
sudo apt-get dist-upgrade
sudo apt-get install raspberrypi-kernel

All but one are fine, but on that one I get
E: Unable to locate package raspberrypi-kernel

On that one I also ran
sudo rpi-update
but I still get the same problem

Any idea how to fix this?
Output of 'apt-cache policy'?

User avatar
micksulley
Posts: 122
Joined: Sat Mar 03, 2012 11:48 am
Location: Melton Mowbray, England

Re: Dirty Cow bug fix in place?

Tue Oct 25, 2016 1:49 pm

Code: Select all

gene@pi-geneweb ~ $ apt-cache policy
Package files:
 100 /var/lib/dpkg/status
     release a=now
 500 http://archive.raspberrypi.org/debian/ wheezy/main armhf Packages
     release o=Raspberry Pi Foundation,a=oldstable,n=wheezy,l=Raspberry Pi Foundation,c=main
     origin archive.raspberrypi.org
 500 http://raspberrypi.collabora.com/ wheezy/rpi armhf Packages
     release o=Collabora,n=wheezy,l=Collabora Raspberry Pi graphics enablement,c=rpi
     origin raspberrypi.collabora.com
 500 http://mirrordirector.raspbian.org/raspbian/ wheezy/rpi armhf Packages
     release v=7.0,o=Raspbian,a=oldstable,n=wheezy,l=Raspbian,c=rpi
     origin mirrordirector.raspbian.org
 500 http://mirrordirector.raspbian.org/raspbian/ wheezy/non-free armhf Packages
     release v=7.0,o=Raspbian,a=oldstable,n=wheezy,l=Raspbian,c=non-free
     origin mirrordirector.raspbian.org
 500 http://mirrordirector.raspbian.org/raspbian/ wheezy/contrib armhf Packages
     release v=7.0,o=Raspbian,a=oldstable,n=wheezy,l=Raspbian,c=contrib
     origin mirrordirector.raspbian.org
 500 http://mirrordirector.raspbian.org/raspbian/ wheezy/main armhf Packages
     release v=7.0,o=Raspbian,a=oldstable,n=wheezy,l=Raspbian,c=main
     origin mirrordirector.raspbian.org
Pinned packages:
gene@pi-geneweb ~ $ 

ShiftPlusOne
Raspberry Pi Engineer & Forum Moderator
Raspberry Pi Engineer & Forum Moderator
Posts: 4738
Joined: Fri Jul 29, 2011 5:36 pm
Location: The unfashionable end of the western spiral arm of the Galaxy

Re: Dirty Cow bug fix in place?

Tue Oct 25, 2016 2:00 pm

We don't support wheezy. rpi-update alone should be enough to fix the bug, but I can't promise that it will work.

User avatar
micksulley
Posts: 122
Joined: Sat Mar 03, 2012 11:48 am
Location: Melton Mowbray, England

Re: Dirty Cow bug fix in place?

Tue Oct 25, 2016 2:26 pm

I'm not sure how this has happened, I looked at the others as well and they are Jessie. How can I upgrade this one to Jessie? I tried
sudo apt-get dist-upgrade
but it says nothing to upgrade.

ShiftPlusOne
Raspberry Pi Engineer & Forum Moderator
Raspberry Pi Engineer & Forum Moderator
Posts: 4738
Joined: Fri Jul 29, 2011 5:36 pm
Location: The unfashionable end of the western spiral arm of the Galaxy

Re: Dirty Cow bug fix in place?

Tue Oct 25, 2016 2:29 pm

Make sure you have a backup before you start.
viewtopic.php?f=66&t=121880

User avatar
fruitoftheloom
Posts: 15065
Joined: Tue Mar 25, 2014 12:40 pm
Location: Bognor Regis UK

Re: Dirty Cow bug fix in place?

Wed Oct 26, 2016 12:09 pm

My only "PC" is an Asus ChromeBit running ChromeOS, cloudcentric at its best !
Rockchip Quad-Core RK3288C SoC as used in ASUS Chromebook C201 & Chromebook Flip C100PA as well as the Tinker SBC.
3 Mobile Huawei E5330 Mobile Mi-Fi

klricks
Posts: 4866
Joined: Sat Jan 12, 2013 3:01 am
Location: Grants Pass, OR, USA
Contact: Website

Re: Dirty Cow bug fix in place?

Wed Oct 26, 2016 12:26 pm

micksulley wrote:.........
sudo apt-get install raspberrypi-kernel

All but one are fine, but on that one I get
E: Unable to locate package raspberrypi-kernel

On that one I also ran
sudo rpi-update
but I still get the same problem

Any idea how to fix this?
Do not do that command. It's not needed even if it did work.
Simply do the following and the new kernel will be installed.

Code: Select all

sudo apt-get update
sudo apt-get upgrade
Go here for my RPi writeup. Basic config, Serial Port add-on etc:
http://blackeagle12.net/Comp/RPi/Rpi.html Click contact icon then world icon --->

Return to “Raspbian”

Who is online

Users browsing this forum: No registered users and 21 guests