Hi,
I checked here AdvisoriesI did not see any insight in the latest Linux VUN dubbed "Dirty COW"
So I am posting here for a discussion.
Do we have any news of how VMware maybe affected by this virus?
CVE-2016-5195, a kernel privilege escalation bug tagged "Dirty COW".
Thanks
Jeff
I am interested to find out too. I have logged a Case to VMware for their advice.
It would be great to find out the outcome of the case your logged, as there is nothing from VMware yet, and Security is on my back.
the VMware vCenter appliances run opensuse linux, so most likely they are vulnerable to dirty c0w vulnerability. I'm sure VMware will release patch but I have found its possible to patch manually using opensuse repository. I have done this for vCenter
5.5 appliance, have not tested 6.x
This will upgrade kernel to 3.0.101-292.g0e83e89-default (at time of this writing) which is not vulnerable to dirty c0w. Note that if you're using 6.x appliance then you will almost certainly need to use a newer kernel repo.
I don't know about ESXi server. I tested ESXi 5.1 and 5.5 using https://www.redpacketsecurity.com/testing-dirty-cow-cve-2016-5195/ and the test came back negative, however because gcc is not installed I had to compile from different machine; this could skew test. Perhaps someone from VMware could comment?
VMware Response to CVE-2016-5195: ‘Dirty COW’ privilege escalation vulnerability http://kb.vmware.com/kb/2147515
VMware product updates address local privilege escalation vulnerability in Linux kernel VMSA-2016-0018.3