Buna tuturor,

In cursul zilei de azi am auzit prima data despre Dirty-COW, aflandu-ma in panoul de adminitrare a unui magazin pe Magento.

Dupa putin research, pare o problema de actualitate si destul de generala, astfel s-ar putea ca si voi sau clientii vostrii sa fie afectati:
  1. What is Dirty COW? It's the name given to a newly discovered vulnerability in virtually all versions of the Linux operating system.
  2. Essentially it means that - if the vulnerability is left unpatched - if a local user can read a file, they can also write to it. Ouch!
  3. But why Dirty COW? According to the researchers who found the flaw, and created a website to share information about it: "A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system."


Toate informatiile necesare le gasiti aici: https://dirtycow.ninja/

P.S In Magento mi-a aparut un popup cu notificare.