A Dirty Cow Container Exploit Sticks Around Even After The Container Is Destroyed

Don’t let the funny name fool you – the Dirty Cow (dirty copy-on-write, designation CVE-2016-5195) exploit that can compromise the Linux kernel can also make a mess of your system, even when introduced through a compromised container that is subsequently stopped and removed. Many attackers will make use of this exploit to overwrite a setuid program – such as “passwd” in Linux systems – that can temporarily increase a user’s access privileges so that they can complete some task that requires it.

Read full news article on Dzone