Bootstrap FreeKB - CVE - Resolve CVE-2016-5195 (Linux Dirty COW)
CVE - Resolve CVE-2016-5195 (Linux Dirty COW)

Updated:   |  CVE articles

For CentOS, run this command to download a script to test your OS:

[root@server1 ]# wget https://access.redhat.com/sites/default/files/rh-cve-2016-5195_1.sh

 

Run the test script.

[root@server1 ]# bash rh-cve-2016-5195_1.sh

 

If the following output is displayed, your CentOS machine is vulnerable to CVE-2016-5195.

[root@server1 ]# bash rh-cve-2016-5195_1.sh
rh-cve-2016-5195_1.sh: line 574: lsmod: command not found
Your kernel is x.x.xx-xxx.xxx which IS vulernable.
Red hat recommends that you update your kernel. Alternatively, you can apply partial
mitigation described at https://access.redhat.com/security/vulnerabilities/2706661 .

 

You can also use the uname -rv command to view the version kernel you are currently using.

[root@server1 ]# uname -rv
kernel.x86_64 0:x.xx.x-xxx.xx.x.xx

 

If your machine is vulnerable to CVE-2016-5195, run the yum update command. This will download and install the latest kernel. Near the end of the output you should see the version of the new kernel that was installed.

[root@server1 ]# yum update
. . . 
Installed:
  kernel.x86_64 0:x.xx.x-xxx.xx.x.xx

 

After the new kernel has been installed, reboot the machine.

[root@server1 ]# reboot

 

After reboot, ensure the new kernel is being used.

[root@server1 ]# uname -rv
kernel.x86_64 0:x.xx.x-xxx.xx.x.xx

 

Also ensure your machine is no longer vulnerable to CVE-2016-5195. In this example, the output confirms your machine is no longer vulnerable to CVE-2016-5195.

[root@server1 ]# bash rh-cve-2016-5195_1.sh
Your kernel is x.x.xx-xxx.xxx which is NOT vulernable.

 




Did you find this article helpful?

If so, consider buying me a coffee over at Buy Me A Coffee



Comments


Add a Comment


Please enter e2ef02 in the box below so that we can be sure you are a human.