This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

CVE–2016–5195 - 'Dirty Cow' Linux vulnerability

I take it Sophos UTMs are exposed to this vulnerability and Sophos is releasing a Patch for all models affected soon? 



This thread was automatically locked due to age.
Parents
  • Hi Simon,

    Reading more on that CVE tells me it only applies if someone malicious or otherwise has already gained access to the shell of the UTM via loginuser (if they got to root first, you're stuffed anyway). Considering the SSH will only be exposed through adiministrative or test interaction and should (in best practice) be severely restricted, this has very limited impact withe UTM. Unlike a Linux webserver, virtual host or user device wherein there would be general interaction from multiple third parties.

    However it is a legitimate concern, hopefully there is a patch in the pipeline :)

    Emile

Reply
  • Hi Simon,

    Reading more on that CVE tells me it only applies if someone malicious or otherwise has already gained access to the shell of the UTM via loginuser (if they got to root first, you're stuffed anyway). Considering the SSH will only be exposed through adiministrative or test interaction and should (in best practice) be severely restricted, this has very limited impact withe UTM. Unlike a Linux webserver, virtual host or user device wherein there would be general interaction from multiple third parties.

    However it is a legitimate concern, hopefully there is a patch in the pipeline :)

    Emile

Children
No Data