Search Engine: Elastic

Article ID: 129680, created on Oct 24, 2016, last review on Oct 24, 2016


A root privileges escalation was recently discovered in Linux kernel. An unprivileged local user could use flaw in Linux memory subsystem to gain write access to otherwise read-only memory mappings and thus increase privileges on the system. This vulnerability was identified as CVE-2016-5195 and got unofficial name "Dirty Cow". More information could be obtained on CVE-2016-5195 information page.

How it affects Odin Automation infrastructure

Despite that CVE-2016-5195 affects all Linux kernels since version 2.6.22 and could be reproduced on all distributions.

In Odin Automation environment components at most risk are:

  1. Shared web hosting (NG and legacy), since users may have SSH access to their webspaces.
  2. Virtuozzo/PCS-based servers included in Odin Automation for Cloud Infrastructure
  3. RedHat/CentOS-based virtual machines and containers provided by OACI module


Please, follow instructions from the following dedicated articles to ensure that your system is protected from CVE-2016-5195:

  1. CloudLinux instructions.
  2. RedHat and CentOS instructions.
  3. Virtuozzo already released updates for Virtuozzo 6.0, Virtuozzo Containers 4.7 and Parallels Server Bare Metal 5.0.

Email subscription for changes to this article
Save as PDF