In October, Linux security researcher discovered that a nine-year old Linux kernel flaw (CVE-2016-5195) was witnessing active exploits in the wild. The flaw was dubbed "Dirty COW", an acronym for the duplication technique called copy-on-write, and could potentially give root access of a device to the attacker within a matter of seconds. Now, Google has finally patched the critical flaw on Linux with its latest Android security update, and the patch is available for OEMs to implement on their Android devices.
The latest security update from the search giant, released alongside the Android 7.1.1. Nougat update on Monday, fixes over 50 security flaws including 11 with critical severity - including Dirty Cow. "The exploit in the wild is trivial to execute, never fails and has probably been around for years - the version I obtained was compiled with gcc 4.8," Oester said in October. The bug was initially patched 11 years ago but the fix was later undone in another code commit.
Last month, Google was expected to patch the flaw with its security update for November but the company couldn't patch the flaw at the time. However, Google released a supplemental fix for Pixel and Nexus devices. Kaspersky Lab's Threatpost reported that Samsung also released a fix for its mobile devices. Google had said that the company will introduce the Android-wide patch for Dirty COW in the December Android security update.
As per the dedicated page for this flaw, exploitation of this bug doesn't leave any traces behind. This nature of the flaw makes it even more dangerous as the users will not be made aware even when their security has been compromised.
Apart from this critical flaw, the search giant also patched another critical kernel memory flaw, CVE-2016-4794, which also allows attackers to gain root privileges of users' device. The security update comes with a patch for critical privilege escalation flaws regarding Nvidia's video and camera drivers.
The critical vulnerabilities concerning Qualcomm components was also fixed with company's latest security update.