diff --git a/index.html b/index.html index eea8693..fc61460 100644 --- a/index.html +++ b/index.html @@ -51,7 +51,7 @@

Why is it called the Dirty COW bug?

"A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system." (RH)

What makes the Dirty COW bug unique?

-

In fact, all the boring normal bugs are _way_ more important, just because there's a lot more of them. I don't think some spectacular security hole should be glorified or cared about as being any more "special" than a random spectacular crash due to bad locking.

+

It's being exploited right now. While this bug doesn't allow someone to pwn your machine all by itself, combined with a remote code execution exploit, it would allow an attacker to gain root on your machine.

Anyone sharing or have details about the "in the wild exploit"?

An exploit using this technique has been found in the wild from an HTTP packet capture according to Phil Oester.
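
Review bot: The added answer under "What makes the Dirty COW bug unique?" says the bug needs to be "combined with a remote code execution exploit", which is narrower than the RH description quoted earlier in this hunk, where any "unprivileged local user" can use the flaw. Suggest wording it as any way of running code as an unprivileged user, with a remote code execution exploit as one example, so that readers with shell accounts, shared hosting or CI runners do not conclude they are unaffected. "It's being exploited right now" will also go stale in a document described as living; give it a date or point it at the "in the wild exploit" answer that follows, which carries the Phil Oester attribution.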

@@ -62,7 +62,7 @@

How do I use this document?

This FAQ provides answers to some of the most frequently asked questions regarding the Dirty COW vulnerability. This is a living document and will be updated regularly at https://dirtycow.ninja.

Am I affected by the bug?

-

.

+

If you're running Linux, probably. The bug has been around for nearly a decade.

Can my antivirus detect or block this attack?

Although the attack can happen in different layers, antivirus signatures that detect Dirty COW could be developed. Due to the attack complexity, differentiating between legitimate use and attack cannot be done easily, but the attack may be detected by comparing the size of the binary against the size of the original binary. This implies that antivirus can be programmed to detect the attack but not to block it unless binaries are blocked altogether.
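
Review bot: The new answer to "Am I affected by the bug?" ("If you're running Linux, probably.") gives the reader nothing to check against. "Probably" and "nearly a decade" name neither the affected kernel range nor the fixed versions. Suggest adding the first affected and first fixed kernel versions, or a link to the distribution advisories, plus a short line on how to compare the running kernel against them. The line this replaces was a bare ".", so any answer is an improvement, but this is the question most visitors arrive with and it should end in something actionable.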