Dirty COW Vulnerability

 what is dirty cow vulnerability?

Dirty COW was a vulnerability in the Linux kernel. It allowed processes to write read-only files. This exploit made use of a race condition that lived inside the kernel functions which handle the copy-on-write (COW) feature of memory mappings.

CVE number of dirty cow- CVE-2016-5195

·       About CVE-2016-5195 – A race condition was found in the way the Linux kernel’s memory subsystem handles the copy-on-write breakage of private read-only memory mappings.

·       An attacker would first require access to a shell on the device before they could use this exploit.

What does this vulnerability do?

This vulnerability allows the user to bypass the normal file system protections and write to files that are owned by the system.

Consequences

·       Opens up many avenues for attack,

·       which results in the unprivileged user becoming rooted in the system and,

·        able to access any system resources.

How was it fixed?

Dirty Cow was one of the first security issues transparently fixed in Ubuntu by the Canonical Live Patch Service.

Follow Us Here - Twitter

Location: Delhi, India

Comments

Post a Comment

Popular posts from this blog

Emerging Cyber Crime !!

 In India, cyber crime has emerged a lot. From password hacking to national cyber crime, Cyber crime has evolved a lot. Nowadays money is been transferred by hackers to their account from people accounts unknowingly that this is a crime . This type of Hacking or Hijacking of money of people's bank accounts by hackers is a cyber crime which must be reported in the cyber cell. In India it can be reported on the contact number 1930. MY OWN EXAMPLE Speaking about the last week, my father received a call which said - ' we are speaking from khufiya(undercover) agency, is it your son, he is going to be kidnapped and it can be stopped if my father gave the ransom amount', here my father scolded them knowing that this is a fraud call. But he took notice and asked about me from my mother. After I got to know about this, knowing this is a scam call I reported this in cyber cell (1930). Cyber cell not only takes action on the report but also spread awareness about such incidents. Again...
Read more

BlackRock Scam Explained: How a Telecom Giant Fell for a Phishing & Investment Fraud

Who is BlackRock? BlackRock is a renowned global firm with major operations in New York and London. While it is often associated with finance, in this context we refer to BlackRock’s telecommunication partnerships and its global influence—similar to what Airtel holds in India. However, unlike Airtel, BlackRock recently became a victim of a massive investment and phishing scam. Phishing and Investment Scam: What Happened? According to reports, Indian-origin telecom executive Bankim Brahmbhatt has been linked to an alleged multi-million-dollar fraud involving BlackRock. Here’s how the scam is believed to have unfolded: Brahmbhatt reportedly approached BlackRock claiming he had substantial investments from companies that were mutually associated with the firm. By building trust and maintaining regular communication with BlackRock, he managed to secure a loan of nearly $500 million . To support the claim, spoofed emails were allegedly sent to BlackRock from addresses mimicking o...
Read more

🚨 Generative AI Phishing Attacks in 2026: How AI is Making Cybercrime More Dangerous

Introduction: The Rise of AI-Powered Cyber Threats The year 2026 has introduced powerful advancements in artificial intelligence, but along with innovation comes new cybersecurity risks. Generative AI tools are now being exploited by cybercriminals to create highly convincing phishing attacks, fake login pages, and malicious websites at unprecedented speed. As AI technology becomes more accessible, users must understand that everything online cannot be trusted without proper verification and research. 🤖 How Hackers Use Generative AI for Phishing Attacks Generative AI platforms allow attackers to create realistic websites and content with minimal effort. By using simple prompts such as: 👉 “Build a website that looks exactly like Okta but isn’t the same,” hackers can generate fake login portals that closely mimic legitimate services. These AI-generated phishing sites are designed to: Steal login credentials Capture authentication tokens Trick users into revealing sensitive info...
Read more