Dirty Cow Vulnerability CVE-2016-5195


A new Linux kernel vulnerability called Dirty Cow (CVE-2016-5195) was announced. It affects certain versions of the Linux kernel.

Whether it affects your box will depend on your server provider.

If your Mail-in-a-Box is running on bare metal (i.e. it’s not a virtualized server), then you are probably affected because you are probably running the stock Ubuntu 14.04 kernel. If you are running a virtualized server, your provider will probably have instructions for you.

To check your box, log into your Mail-in-a-Box with SSH (like when you installed Mail-in-a-Box) and run uname -rv:

$ uname -rv
3.13.0-34-generic #60-Ubuntu SMP Wed Aug 13 15:45:27 UTC 2014

Kernel versions 3.xx (like this one, 3.13.0-34) are vulnerable until you get a -100 version kernel. (I’m not sure about 4.x kernel versions — can anyone help out here?)

If you have a vulnerable kernel version, upgrade your kernel:

$ sudo apt-get update
$ sudo apt-get upgrade linux-image-generic

Afterwards, reboot your box:

$ sudo reboot

Then check your kernel version again:

$ uname -rv
3.13.0-100-generic #147-Ubuntu SMP Tue Oct 18 16:48:51 UTC 2016

You should see -100 in the version now and that means you’re good.


This doesn’t work for me on DigitalOcean, my version doesn’t change. I get

3.13.0-52-generic #85-Ubuntu SMP Wed Apr 29 16:44:17 UTC 2015


worked fine for me, thanks


Thanks for the heads-up!


You might need to switch to internal kernel management:


(which worked for me)


That worked, thank you!


This topic was automatically closed 6 days after the last reply. New replies are no longer allowed.