A security researcher named David Manouchehri has recently published exploit code for the Dirty COW Linux flaw, and this code can root an Android smartphone.
The Dirty COW vulnerability came to light when the Linux kernel patched a flaw that had existed since 2007. It has been in Linux since kernel version 3.6.
The flaw is nicknamed Dirty COW and is tracked as CVE-2016-5195. It is one of the most influential flaws affecting kernel operations: it allows attackers to elevate privileges and then execute code as another user (an Escalation of Privilege, or EoP, vulnerability). Simply put, Dirty COW allows attackers to gain root privileges on affected Linux machines.
Dirty COW can affect all versions of Android
At the time, it was unclear if the Android operating system, which is based on the Linux kernel, was vulnerable to the issue.
Phil Oester, the man who discovered Dirty COW, didn’t test for the vulnerability’s presence in Android devices. Fortunately, Manouchehri did and published proof-of-concept code on GitHub on Sunday.
In a Twitter post, the researcher said he was able to use a variation of Dirty COW and get root privileges on a device running Android 6.0.1.
In an interview with Dan Goodin of Ars Technica, Manouchehri says that all Android versions since version 1.0 seem to be vulnerable to Dirty COW.
While the infosec community initially mocked Oester for overhyping Dirty COW by creating a dedicated website, logo, and Twitter feed, the vulnerability packed a bigger punch than even Oester had expected.
Exploitation is still somewhat tricky, since multiple conditions have to be met before the kernel race condition can be triggered, but the danger is still there.
Since Dirty COW’s discovery, multiple Linux OS projects have patched their distros for the security flaw.