DirtyCow / Urgent security fix for Cubieboard / BananaPI Kernels


You may have heard of the Dirty-Cow Security bug (CVE-2016-5195) , which is inside the Linux-kernel for 11 years! Luckily there have been patches created for modern kernels, but this security issue was introduced with kernel 2.6 way back in time.

The usual kernel 3.4.xxx are used in the Cubieboard, Cubietruck and BananaPI boards do have this issue which makes it possible to modify every file in your system even as a standard user. I did some tests and I was able to modify with a non-privileged user to modify a file of the root user which was read-only even for the root user. This opens the door for many many upcoming attacks, so please ensure that you update your kernel as quick as possible. Its known that the attacks are already in progress, so please hurry up!

I built following kernels which have include the Security-fix:

Kernel 3.4.112-c ( http://dl.danand.de/cubieboard/danand_a20_3_4_112_c.tgz )
Kernel 4.4.26-a ( http://dl.danand.de/cubieboard/experiments/4.4.26-a.tgz)
Kernel 4.7.9-a ( http://dl.danand.de/cubieboard/experiments/4.7.9-a.tgz )
Kernel 4.8.3-a ( http://dl.danand.de/cubieboard/experiments/4.8.3-a.tgz )

NOTE: If you are currently using kernel 3.4.xxx, please download the 3.4.112-c . Do not simply download 4.x kernels when you are using 3.4 kernels. You will run into issues.

You can also check out my changes to the 3.4.xxx Linux kernel at https://github.com/dan-and/linux-sunxi 

As usual, you can find more kernel builds at http://dl.danand.de/cubieboard for kernel 3.4.xxx and http://dl.danand.de/cubieboard/experiments/ for kernel 4.x builds.

Leave a Reply

Your email address will not be published. Required fields are marked *