A new Linux kernel vulnerability called Dirty Cow (CVE-2016-5195) was announced. It affects certain versions of the Linux kernel.
Whether it affects your box will depend on your server provider.
If your Mail-in-a-Box is running on bare metal (i.e. it’s not a virtualized server), then you are probably affected because you are probably running the stock Ubuntu 14.04 kernel. If you are running a virtualized server, your provider will probably have instructions for you.
To check your box, log into your Mail-in-a-Box with SSH (like when you installed Mail-in-a-Box) and run
$ uname -rv 3.13.0-34-generic #60-Ubuntu SMP Wed Aug 13 15:45:27 UTC 2014
Kernel versions 3.xx (like this one, 3.13.0-34) are vulnerable until you get a
-100 version kernel. (I’m not sure about 4.x kernel versions — can anyone help out here?)
If you have a vulnerable kernel version, upgrade your kernel:
$ sudo apt-get update $ sudo apt-get upgrade linux-image-generic
Afterwards, reboot your box:
$ sudo reboot
Then check your kernel version again:
$ uname -rv 3.13.0-100-generic #147-Ubuntu SMP Tue Oct 18 16:48:51 UTC 2016
You should see
-100 in the version now and that means you’re good.