The 2017 Pwnie Nominee For Most Over-Hyped Bug

Dirty Cow

Credit: Phil Oester

This was a privilege escalation vulnerability in the Linux kernel that utilized a race condition with copy-on-write of private read-only memory mappings.

While this did have a website, a logo, and a twitter account, its pretty obvious that this was done in a tongue in cheek way and maybe not even by the discoverer. I love the lines on the site that say how you aren’t vulnerable and it also includes a swag section with extremely expensive logo’d swag.

Overall, kinda confusing on whether the researcher really thought it was a big deal or not, but regardless, its one of hundreds of Linux kernel escalations so it probably doesn’t need a logo, even though Mark Dowd says its hard finding Linux kernel bugs these days.

Dirty Cow (CVE-2016-5195)