14 DAY TRIAL // We reported a couple of days ago that Johnny Hughes from the CentOS Linux team published an important kernel security advisory for users of the CentOS 7 operating system.
But it looks like users of the long-term supported CentOS 6 Linux operating system series are also affected, and the CentOS Errata and Security Advisory 2016:2105 informs them about an important kernel update. Yes, of course, we're talking about the "Dirty COW" bug patched recently by Linus Torvalds himself and pushed to all supported Linux kernel branches, and documented at CVE-2016-5195.
"A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged, local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system," reads Red Hat's latest security advisory.
Affects Red Hat Enterprise Linux 6.x operating systems too
The CentOS 6 Linux series is based on the freely distributed source code of the Red Hat Enterprise Linux (RHEL) 6 operating system, which means that it always receives the latest security updates as soon as they are pushed upstream. Being used mainly in server environments, your CentOS 6 installation must always be patched and up to date, so make sure that you apply kernel-2.6.32-642.6.2.el6 immediately.
As expected, the security vulnerability also affects the Red Hat Enterprise Linux Desktop (v. 6), Red Hat Enterprise Linux HPC Node (v. 6), Red Hat Enterprise Linux Server (v. 6), and Red Hat Enterprise Linux Workstation (v. 6) upstream products. Therefore, we recommend that you update all of your CentOS 6 and RHEL 6 systems as soon as possible to patch the "Dirty COW" issue.