dirtycow exploit - a serious risk for us currently
Everyone who is maintaining a kernel in the project please consider patching your kernel ASAP and submitting a pull request.
- 3.4: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/patch/?id=1c8544a93151329be95f702f6f4029f860b77ee7
- 3.10: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/patch/?id=9691eac5593ff1e2f82391ad327f21d90322aec1
- 3.18: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/patch/?id=e45a502bdeae5a075257c4f061d1ff4ff0821354
It should apply mostly cleanly over the proper kernel major versions. Use git am xx.patch, and then, if it fails, use patch -p1 < xx.patch followed by git am --continue.
This is a serious issue because NetHunter kernels are almost always running in permissive due to the complication of injecting massive amounts of policies to cover the chroot. In permissive, this gives ANY Android app limited root access to your device.
Example exploit: http://forum.xda-developers.com/v20/development/h918-recowvery-unlock-v20-root-shell-t3490594 (yes, I used dirtycow to root a device, it's also a friendly exploit in the right hands!)
People could take my exploit and change a few things to do much worse things than flash a recovery partition.
Safely patched kernels
- Galaxy Note 7 (1.4+)
- Galaxy S7 (1.4+)
- Galaxy S7 edge (1.4+)
- Nexus 6 (CyanogenMod, 2.4+)
- Jiayu S3 Advanced (1.0+)
- ZTE Axon 7
[shamucm] patched. https://github.com/discipuloosho/android_kernel_moto_shamu/commit/ede94e8e8a1a3ad7ac530010dabe01da968268e4 Thanks.
I checked and found the kernel of Jiayu S3 already patched. Thanks.
[ido] is already patched
One M8 patched. Just waiting for my pull request to be accepted, then I can provide a new zImage.
https://github.com/lavanoid/android_kernel_htc_m8gpe/commit/869fce8a13c07b92c8914d29cb7f16ed696a2217
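For maintainers who want to confirm a tree before reporting it as patched, here is a heuristic source check, added as an example and not part of the original thread or of any project's tooling. It assumes the fix, as in upstream and the stable backports, defines `FOLL_COW` in `include/linux/mm.h` and uses it in `mm/gup.c` (newer trees) or `mm/memory.c` (older trees); the function name `dirtycow_status` is hypothetical.

```shell
#!/bin/sh
# Added example: heuristic check of a kernel source tree for the Dirty COW fix.
# Assumption: a patched tree defines FOLL_COW in include/linux/mm.h and
# references it in mm/gup.c or mm/memory.c. A vendor tree that fixed the bug
# differently will not match and needs manual review.

# dirtycow_status TREE
#   prints patched | unpatched | partial | unknown
#   returns 0 (patched), 1 (unpatched), 3 (partial), 2 (not a kernel tree)
dirtycow_status() {
    tree=$1
    hdr="$tree/include/linux/mm.h"
    if [ ! -f "$hdr" ]; then
        echo unknown
        return 2
    fi

    has_define=no
    has_use=no
    found_src=no

    # The flag must be a real #define, not just a mention in a comment.
    if grep -Eq '^[[:space:]]*#[[:space:]]*define[[:space:]]+FOLL_COW[[:space:]]' "$hdr"; then
        has_define=yes
    fi

    # get_user_pages code lives in mm/gup.c on newer trees, mm/memory.c on older ones.
    for f in "$tree/mm/gup.c" "$tree/mm/memory.c"; do
        if [ -f "$f" ]; then
            found_src=yes
            if grep -q 'FOLL_COW' "$f"; then
                has_use=yes
            fi
        fi
    done
    if [ "$found_src" = no ]; then
        echo unknown
        return 2
    fi

    case "$has_define/$has_use" in
        yes/yes) echo patched;   return 0 ;;
        no/no)   echo unpatched; return 1 ;;
        *)       echo partial;   return 3 ;;  # half-applied patch: inspect by hand
    esac
}

# Stand-alone use: sh check.sh /path/to/kernel/tree
if [ $# -gt 0 ]; then dirtycow_status "$1"; fi
```

A `partial` result usually means a `patch -p1` fallback left rejected hunks behind, so look for `.rej` files before running `git am --continue`.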