Dirty COW is a security vulnerability in the Linux kernel, affecting Linux-based operating systems including Android devices. It is a flaw in the kernel's copy-on-write handling that lets attackers run code on a compromised Linux machine to escalate privileges to root and upload files that can be executed for malicious purposes. When the vulnerability is exploited, the attacker gains write access to memory mappings that would normally be read-only, which can harm the privacy of information on the affected machine.
Are KEMP LoadMaster Products Affected?
LoadMaster does not appear to be vulnerable to this exploit, as a user would need shell access to the box (as non-root) and all it would provide is a possibility of getting root access. Since only root/xroot can log into the shell and the bal account (the only local account) cannot, LoadMaster does not appear to be exploitable. LoadMaster operating system version 7.2.37, scheduled for GA in January 2017, will also include the patch released to mitigate this exploit.
Is KEMP 360 Affected?
KEMP 360 Central does not appear to be vulnerable to this exploit for the same reason as LoadMaster. Additionally, KEMP 360 Central v1.11, planned for download availability on 11/11, is based on Xenial LTS kernel version 4.4.0-45.66, which includes the patch released to mitigate this exploit.
KEMP 360 Vision does not appear to be vulnerable to this exploit for the same reason as LoadMaster. Additionally, KEMP 360 Vision v1.2.1, which is in the process of being rolled out to subscribed customers now, is also based on Xenial LTS kernel version 4.4.0-45.66, which includes the patch released to mitigate this exploit.
Does KEMP track upstream security vulnerabilities?
Yes. Our job as a vendor is to understand, manage, and accept residual risk. We have policies and procedures in place to proactively monitor and address security issues when they occur.
We are ultimately responsible for the risk profile of our product, and our goal is to ship with no known vulnerabilities. When vulnerabilities are found, our goal is to communicate honestly and clearly and get fixes out as soon as responsibly possible.
Are you protected?
While KEMP products remain fully secure from the vulnerability, it is vital that you check whether your Linux-based systems are up to date with the security patches required to fix this vulnerability.
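One way to run that check on Ubuntu Xenial hosts, as an added example that is not KEMP's own code: it compares the running kernel against the 4.4.0-45.66 baseline named above. It assumes Ubuntu's /proc/version_signature file and GNU `sort -V`; the function names and sample lines are constructed for illustration, and kernels outside the Xenial 4.4 series are reported as unknown because this page gives no baseline for them.

```shell
#!/bin/sh
# Added example. Baseline taken from this page: Xenial LTS kernel 4.4.0-45.66.
BASELINE="4.4.0-45.66"

# Extract the Ubuntu kernel package version from a /proc/version_signature
# line, e.g. "Ubuntu 4.4.0-45.66-generic 4.4.21" gives "4.4.0-45.66".
# Prints nothing when the line does not have that shape.
kernel_pkg_version() {
    printf '%s\n' "$1" |
        sed -n 's/^Ubuntu \([0-9][0-9.]*-[0-9][0-9.]*\)-.*$/\1/p'
}

# Classify a signature line as "patched", "unpatched" or "unknown".
check_signature() {
    ver=$(kernel_pkg_version "$1")
    case "$ver" in
        4.4.0-*) ;;                      # Xenial 4.4 series: baseline applies
        *) echo unknown; return 0 ;;     # no baseline on this page for others
    esac
    # Version-sort both strings; if the baseline sorts first (or they are
    # equal), the running kernel is at or above the baseline.
    lowest=$(printf '%s\n%s\n' "$BASELINE" "$ver" | sort -V | head -n 1)
    if [ "$lowest" = "$BASELINE" ]; then
        echo patched
    else
        echo unpatched
    fi
}

# Constructed sample lines (not captured from real hosts).
for line in \
    "Ubuntu 4.4.0-9.10-generic 4.4.0" \
    "Ubuntu 4.4.0-45.66-generic 4.4.21" \
    "Ubuntu 3.13.0-100.147-generic 3.13.11"
do
    printf '%-45s %s\n' "$line" "$(check_signature "$line")"
done

# On a real Ubuntu host, classify the kernel that is currently running.
if [ -r /proc/version_signature ]; then
    printf 'this host: %s\n' "$(check_signature "$(cat /proc/version_signature)")"
fi
```

The file describes the running kernel, so a host that has installed the update but not yet rebooted still reports the old version.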
Contact our technical team today. We provide full system audits including ensuring that Linux-based machines are fully optimised to meet the highest security standard.