Android patch is now out for the “Dirty Cow”

Patch, Vulnerability


On Monday, Google released a patch for the Dirty Cow vulnerability in its monthly Android Security Bulletin. It was also Google’s final Security Bulletin release for 2016.

Tracked as CVE-2016-5195, Dirty Cow is one of 11 vulnerabilities rated critical that are fixed once the security update is rolled out.

The Dirty Cow vulnerability persisted in Linux for around a decade. The bug was patched in the Linux kernel in October, after it was discovered. Android users, however, had to wait more than a month for their fix.

Released on Monday, the December Android Security Bulletin fixes more than 50 security flaws. A separate round of patches from Dec 1 also fixes an additional 10 high-importance bugs.

Why was Dirty Cow a critical vulnerability?

The flaw was found in the copy-on-write (COW) feature in Linux. It could be easily exploited by an attacker with local access to obtain root privileges on a Linux or Android device.

That means a user with read-only access on a Linux-based system could get “root” access by exploiting the vulnerability. Since the Android operating system is based on the Linux kernel, Android was also vulnerable to Dirty Cow.

The flaw had been present in the Linux kernel since 2007 and version 2.6.22. The vulnerability was first discovered by researcher Phil Oester last October.
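The guarantee that the copy-on-write feature is meant to provide can be checked directly. The following is an added example, not code from the bulletin or the kernel: it maps a file opened read-only as a private mapping, writes to the mapping, and confirms the file itself is unchanged. The function name, temporary file path and contents are constructed for the illustration.

```c
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Returns 1 if a write through a private (copy-on-write) mapping changed the
 * file on disk, 0 if the file kept its contents, -1 on a setup error. */
int cow_write_reaches_file(void)
{
    char path[] = "/tmp/cow_demo_XXXXXX";          /* constructed sample file */
    const char original[] = "read-only contents";  /* constructed contents */
    char after[sizeof original] = {0};
    char *map;
    int result = -1;

    int fd = mkstemp(path);
    if (fd < 0)
        return -1;
    ssize_t n = write(fd, original, sizeof original);
    close(fd);

    /* Reopen read-only: the process now holds no write access to the file. */
    fd = (n == (ssize_t)sizeof original) ? open(path, O_RDONLY) : -1;
    if (fd < 0) {
        unlink(path);
        return -1;
    }

    /* A writable MAP_PRIVATE mapping is permitted on a read-only descriptor
     * because writes must land in a private copy of the page, not the file. */
    map = mmap(NULL, sizeof original, PROT_READ | PROT_WRITE, MAP_PRIVATE, fd, 0);
    if (map != MAP_FAILED) {
        memcpy(map, "MODIFIED", 8);                /* triggers copy-on-write */
        /* Read the file back through the descriptor, bypassing the mapping. */
        if (pread(fd, after, sizeof after, 0) == (ssize_t)sizeof after)
            result = memcmp(after, original, sizeof original) != 0;
        munmap(map, sizeof original);
    }
    close(fd);
    unlink(path);
    return result;
}

int main(void)
{
    int r = cow_write_reaches_file();
    printf("write reached file: %d (expected 0)\n", r);
    return r == 0 ? 0 : 1;
}
```

The isolation this check confirms is the property CVE-2016-5195 violated, which is why a flaw in this feature let a user with read-only access modify data they should not be able to change.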

The Android Security Bulletin released on Monday also includes patches for vulnerabilities rated high severity in the kernel, kernel file system, Qualcomm codecs and drivers, NVIDIA drivers, HTC sound code and MediaTek drivers, among others. Most of the flaws are elevation of privilege issues.