CVE–2016–5195 - 'Dirty Cow' Linux vulnerability

Question

I take it Sophos UTMs are exposed to this vulnerability and Sophos is releasing a Patch for all models affected soon?

Emile Belcourt · Accepted Answer

Hi Simon, 
 Reading more on that CVE tells me it only applies if someone malicious or otherwise has already gained access to the shell of the UTM via loginuser (if they got to root first, you're stuffed anyway). Considering the SSH will only be exposed through adiministrative or test interaction and should (in best practice) be severely restricted, this has very limited impact withe UTM. Unlike a Linux webserver, virtual host or user device wherein there would be general interaction from multiple third parties. 
 However it is a legitimate concern, hopefully there is a patch in the pipeline :) 
 Emile

Sure Win 2 · Answer

is correct in his statement. Thanks! 
 Sophos UTM is affected by the DirtyCow CVE-2016-5195. However it requires you to have successful shell login to exploit. Once logged in, there's nothing left to exploit. We recommend to always use a strong password and minimize shell access to just the networks you trust. Sophos will be patching it in a future update.