Dirty Cow vulnerability

Dirty Cow (Copy On Write) affects anyone using any variant of Linux, including Android.

Here’s a couple of links with more info:

more info (from spongebob?!?):

You can check the kernel version on the admin page of emoncms or using uname -r at the command prompt of other (non-emoncms server) Pi’s. The patch is applied from 4.4.26-v7+.

Although apparently just

sudo apt-get update
sudo apt-get dist-upgrade

will do, the official advice from the foundation is to use

sudo apt-get update
sudo apt-get install raspberrypi-kernel

…AND REBOOT!!

The new kernel will not get loaded until it is restarted.

This assumes a Raspbian OS image, I haven’t looked into any others.

1 Like

I can confirm that just

sudo apt-get update
sudo apt-get dist-upgrade

Will get you 4.4.26-v7+ on our emonPi Jessie image,and it doesn’t break anything!

to get the current OS version:
to get the current Linux version for the emonPi image
Log In > go to the Setup menu > click on Administration. Scroll down to Server Information, then look for the Server OS line.

Applies to all current versions of emoncms.

Paul

Darn! I wanted to be special because I have an emonPi ;-).

2 Likes

It seems that self-builds are more special Jon - they get a more recent update… :money_mouth:

Paul

I was watching the dist-upgrade commands scroll by (kinda like watching paint dry) and I saw rpikernelhack. From searching The Internet it seems OK and are Linux patches for RaspPi.

Is this really OK? I don’t remember seeing this before.
 

Adding 'diversion of /boot/overlays/dwc2.dtbo to /usr/share/rpikernelhack/overlays/dwc2.dtbo by rpikernelhack'
Adding 'diversion of /boot/overlays/enc28j60.dtbo to /usr/share/rpikernelhack/overlays/enc28j60.dtbo by rpikernelhack'
Adding 'diversion of /boot/overlays/gpio-ir.dtbo to /usr/share/rpikernelhack/overlays/gpio-ir.dtbo by rpikernelhack'
Adding 'diversion of /boot/overlays/gpio-poweroff.dtbo to /usr/share/rpikernelhack/overlays/gpio-poweroff.dtbo by rpikernelhack'
Adding 'diversion of /boot/overlays/hifiberry-amp.dtbo to /usr/share/rpikernelhack/overlays/hifiberry-amp.dtbo by rpikernelhack'

Nothing to worry about

It’s just the directory name given by the developers who have created a Raspberry Pi specific set of patches to the Linux kernel.

anything special I need to do when updating the kernal with the root on an external USB Hard drive?

Just saying cause I ended up with a rainbow screen. I’ll check a few things out. Maybe the new kernel.img file was corrupt.

What distro / version are you running?

I was running the pre built emonSD-03May16, which I had migrated to my external USB HD, and made read-write able.

I tried changing the cmdline.txt to boot from the SD card, but got the same rainbow screen. Maybe I can reflash my SDcard and start over and recover my 15 days of data on my HDD. I’m going to try and test my PI3 with an image I have on my other PI2 for something else.

Run sudo apt-get update && sudo apt-get upgrade (provided it’s Raspbian, or a derivative) on the card that you pull from your Pi2. Otherwise, you’ll definitely get the rainbow…

Did you do the apt-get update/upgrade on your HDD? That should have been all that was needed.

can’t get it to boot from the hard drive or SD card at this point

Is the “rainbow” a small square in the upper right corner of your screen?
Or is it the large one that occupies most of the screen?

not sure what happened. Looks like I did not move the data folder off the SD card, so I’m in the process of getting that to the HD. I did have to build a new SD card, and copy the old cmdline.txt from the old SD card to get it to boot past the rainbow colors. This seems to be working, and the HD booted with everything but my data folder which was still mounting to the SD card.

So once I get stable again I’ll check my version and make sure it was jsut the SD card giving me grief, and likely due to using one of those cheep Samsung 32GB cards I had laying around. I keep forgetting why I hate them. :wink: Probably only good for pictures.