Dirty Cow

Overview

The Dirty COW vulnerability is an interesting case of the race condition vulnerability. It existed in the Linux kernel since September 2007, and was discovered and exploited in October 2016. The vulnerability affects all Linux-based OS, including Android, and its consequence is severe: attackers can gain root privilege by exploiting the vulnerability. The vulnerability resides in the code of copy-on-write (COW) inside Linux kernel. By exploiting this vulnerability, attackers can modify any protected file, even though these files are only readable.

mmap()

MAP_SHARED, MAP_PRIVATE and Copy On Write

Discard the Copied Memory

Mapping Read-Only Files

The Dirty COW Vulnerability