Table of Contents
Was this article helpful?
Try Vultr Today with

$50 Free on Us!

Want to contribute?

You could earn up to $600 by adding new articles.

Patching the Dirty Cow Exploit on CentOS

Last Updated: Tue, Nov 22, 2016
Linux Guides System Admin

What is "Dirty Cow (CVE-2016-5195)"?

The "Dirty Cow" vulnerability is exploited through how Linux processes code. It allows for an unprivileged user to gain root privileges. This can be used on any server with a vulnerable kernel. At the time of writing, there have been updates to certain operating systems, but others remain affected. The vulnerability is typically used on shared hosting accounts with shell access. As such, to prevent damage to other users, updating is crucial.

Affected systems

Any CentOS 5/6/7 system.

Test and patching

RHEL has a utility available to test your server. Simply download the following with:



If your server is vulnerable, you will be notified by the script:

Your kernel is <version here> which IS vulnerable.

Red Hat recommends that you update your kernel. Alternatively, you can apply partial

mitigation described at .

If you are indeed vulnerable, proceed to the next step. Otherwise, no action is required.

Patching is quite simple:

yum update -y


Check that your server was patched by running the rh-cve script again. If your server is still affected, we must patch it manually.

Manual patch

We must install Systemtap to apply the kernel update:

yum install systemtap -y

Now, create a file called new.stp.

Paste the following:

probe     kernel.function("mem_write").ca ll ? {

        $count = 0


probe syscall.ptrace {  //   includes compat ptrace as well

        $request = 0xfff


probe begin {

        printk(0, "CVE-2016-5195   mitigation loaded")


probe end {

        printk(0, "CVE-2016-5195    mitigation unloaded")


Save, then exit.

Run the following command:

stap -g new.stp

Now, reboot your server:

shutdown -r now


Congratulations. You have updated your server successfully.

Want to contribute?

You could earn up to $600 by adding new articles.