CVE-2016-5195

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."

References

http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619

http://rhn.redhat.com/errata/RHSA-2016-2098.html

http://rhn.redhat.com/errata/RHSA-2016-2105.html

http://rhn.redhat.com/errata/RHSA-2016-2106.html

http://rhn.redhat.com/errata/RHSA-2016-2107.html

http://rhn.redhat.com/errata/RHSA-2016-2110.html

http://rhn.redhat.com/errata/RHSA-2016-2118.html

http://rhn.redhat.com/errata/RHSA-2016-2120.html

http://rhn.redhat.com/errata/RHSA-2016-2124.html

http://rhn.redhat.com/errata/RHSA-2016-2126.html

http://rhn.redhat.com/errata/RHSA-2016-2127.html

http://rhn.redhat.com/errata/RHSA-2016-2128.html

http://rhn.redhat.com/errata/RHSA-2016-2132.html

http://rhn.redhat.com/errata/RHSA-2016-2133.html

http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.3

http://www.openwall.com/lists/oss-security/2016/10/26/7

http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

http://www.securityfocus.com/bid/93793

http://www.securitytracker.com/id/1037078

https://access.redhat.com/errata/RHSA-2017:0372

https://access.redhat.com/security/cve/cve-2016-5195

https://access.redhat.com/security/vulnerabilities/2706661

https://bto.bluecoat.com/security-advisory/sa134

https://bugzilla.redhat.com/show_bug.cgi?id=1384344

https://bugzilla.suse.com/show_bug.cgi?id=1004418

https://dirtycow.ninja

https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs

https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails

https://github.com/torvalds/linux/commit/19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619

https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03707en_us

https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03722en_us

https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03742en_us

https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03761en_us

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05341463

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05352241

https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes

https://kc.mcafee.com/corporate/index?page=content&id=SB10176

https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5195.html

https://security.netapp.com/advisory/ntap-20161025-0001/

https://security.paloaltonetworks.com/CVE-2016-5195

https://security-tracker.debian.org/tracker/CVE-2016-5195

https://source.android.com/security/bulletin/2016-11-01.html

https://source.android.com/security/bulletin/2016-12-01.html

https://www.exploit-db.com/exploits/40611/

https://www.exploit-db.com/exploits/40616/

https://www.exploit-db.com/exploits/40839/

https://www.exploit-db.com/exploits/40847/

https://www.kb.cert.org/vuls/id/243144

Details

Source: MITRE

Published: 2016-11-10

Updated: 2020-02-17

Type: CWE-362

Risk Information

CVSS v2

Base Score: 7.2

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

Impact Score: 10

Exploitability Score: 3.9

Severity: HIGH

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 1.8

Severity: HIGH

Tenable Plugins

View all (65 total)

IDNameProductFamilySeverity
136011openSUSE Security Update : kubernetes (openSUSE-2020-554) (Dirty COW)NessusSuSE Local Security Checks
critical
125100EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1494)NessusHuawei Local Security Checks
high
124982EulerOS Virtualization for ARM 64 3.0.1.0 : kernel (EulerOS-SA-2019-1529)NessusHuawei Local Security Checks
medium
99814EulerOS 2.0 SP1 : kernel (EulerOS-SA-2016-1051)NessusHuawei Local Security Checks
critical
99163OracleVM 3.3 : Unbreakable / etc (OVMSA-2017-0057) (Dirty COW)NessusOracleVM Local Security Checks
critical
97306F5 Networks BIG-IP : Linux privilege-escalation vulnerability (K10558632) (Dirty COW)NessusF5 Networks Local Security Checks
high
94929OracleVM 3.2 : Unbreakable / etc (OVMSA-2016-0158) (Dirty COW)NessusOracleVM Local Security Checks
high
94861Fedora 25 : kernel (2016-c8a0c7eece) (Dirty COW)NessusFedora Local Security Checks
high
94463RHEL 6 : kernel (RHSA-2016:2133) (Dirty COW)NessusRed Hat Local Security Checks
high
94462RHEL 6 : kernel (RHSA-2016:2132) (Dirty COW)NessusRed Hat Local Security Checks
high
94454RHEL 6 : kernel (RHSA-2016:2128) (Dirty COW)NessusRed Hat Local Security Checks
high
94453RHEL 5 : kernel (RHSA-2016:2127) (Dirty COW)NessusRed Hat Local Security Checks
high
94452RHEL 5 : kernel (RHSA-2016:2126) (Dirty COW)NessusRed Hat Local Security Checks
high
94438Slackware 14.0 / 14.1 / 14.2 / current : kernel (SSA:2016-305-01) (Dirty COW)NessusSlackware Local Security Checks
high
94432Scientific Linux Security Update : kernel on SL5.x i386/x86_64 (20161028) (Dirty COW)NessusScientific Linux Local Security Checks
high
94431RHEL 5 : kernel (RHSA-2016:2124) (Dirty COW)NessusRed Hat Local Security Checks
high
94429Oracle Linux 5 : kernel (ELSA-2016-2124) (Dirty COW)NessusOracle Linux Local Security Checks
high
94409CentOS 5 : kernel (CESA-2016:2124) (Dirty COW)NessusCentOS Local Security Checks
high
94348RHEL 6 : kernel (RHSA-2016:2120) (Dirty COW)NessusRed Hat Local Security Checks
high
94326SUSE SLES12 Security Update : kernel (SUSE-SU-2016:2659-1) (Dirty COW)NessusSuSE Local Security Checks
high
94325SUSE SLES12 Security Update : kernel (SUSE-SU-2016:2658-1) (Dirty COW)NessusSuSE Local Security Checks
high
94324SUSE SLES12 Security Update : kernel (SUSE-SU-2016:2657-1) (Dirty COW)NessusSuSE Local Security Checks
high
94323SUSE SLES12 Security Update : kernel (SUSE-SU-2016:2655-1) (Dirty COW)NessusSuSE Local Security Checks
high
94317RHEL 7 : kernel (RHSA-2016:2118) (Dirty COW)NessusRed Hat Local Security Checks
high
94316RHEL 7 : kernel-rt (RHSA-2016:2110) (Dirty COW)NessusRed Hat Local Security Checks
high
94315RHEL 6 : MRG (RHSA-2016:2107) (Dirty COW)NessusRed Hat Local Security Checks
high
94314RHEL 6 : kernel (RHSA-2016:2106) (Dirty COW)NessusRed Hat Local Security Checks
high
94313RHEL 6 : kernel (RHSA-2016:2105) (Dirty COW)NessusRed Hat Local Security Checks
high
94303openSUSE Security Update : the Linux Kernel (openSUSE-2016-1227) (Dirty COW)NessusSuSE Local Security Checks
critical
94292CentOS 6 : kernel (CESA-2016:2105) (Dirty COW)NessusCentOS Local Security Checks
high
94286SUSE SLES12 Security Update : kernel (SUSE-SU-2016:2636-1) (Dirty COW)NessusSuSE Local Security Checks
high
94285SUSE SLES12 Security Update : kernel (SUSE-SU-2016:2633-1) (Dirty COW)NessusSuSE Local Security Checks
high
94284SUSE SLES12 Security Update : kernel (SUSE-SU-2016:2632-1) (Dirty COW)NessusSuSE Local Security Checks
high
94281SUSE SLES11 Security Update : kernel (SUSE-SU-2016:2614-1) (Dirty COW)NessusSuSE Local Security Checks
high
94280SUSE SLES11 Security Update : kernel (SUSE-SU-2016:2596-1) (Dirty COW)NessusSuSE Local Security Checks
high
94279SUSE SLES12 Security Update : kernel (SUSE-SU-2016:2593-1) (Dirty COW)NessusSuSE Local Security Checks
high
94278SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2016:2592-1) (Dirty COW)NessusSuSE Local Security Checks
high
94276SUSE SLES11 Security Update : kernel (SUSE-SU-2016:2585-1) (Dirty COW)NessusSuSE Local Security Checks
high
94266Scientific Linux Security Update : Important: kernel on SL6.x i386/x86_64 (20161025) (Dirty COW)NessusScientific Linux Local Security Checks
high
94264Oracle Linux 6 : kernel (ELSA-2016-2105)NessusOracle Linux Local Security Checks
high
94254CentOS 7 : kernel (CESA-2016:2098) (Dirty COW)NessusCentOS Local Security Checks
high
94249Ubuntu 16.10 : linux-raspi2 vulnerability (USN-3107-2) (Dirty COW)NessusUbuntu Local Security Checks
high
94248Scientific Linux Security Update : kernel on SL7.x x86_64 (20161024) (Dirty COW)NessusScientific Linux Local Security Checks
high
94247Oracle Linux 7 : kernel (ELSA-2016-2098)NessusOracle Linux Local Security Checks
high
94239openSUSE Security Update : the Linux Kernel (openSUSE-2016-1211) (Dirty COW)NessusSuSE Local Security Checks
high
94230RHEL 7 : kernel (RHSA-2016:2098) (Dirty COW)NessusRed Hat Local Security Checks
high
94229OracleVM 3.3 : Unbreakable / etc (OVMSA-2016-0150) (Dirty COW)NessusOracleVM Local Security Checks
high
94228OracleVM 3.4 : Unbreakable / etc (OVMSA-2016-0149) (Dirty COW)NessusOracleVM Local Security Checks
high
94225Oracle Linux 5 / 6 : Unbreakable Enterprise kernel (ELSA-2016-3634)NessusOracle Linux Local Security Checks
high
94224Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2016-3633)NessusOracle Linux Local Security Checks
high
94223Oracle Linux 6 / 7 : Unbreakable Enterprise kernel (ELSA-2016-3632)NessusOracle Linux Local Security Checks
high
94219openSUSE Security Update : the Linux Kernel (openSUSE-2016-1212) (Dirty COW)NessusSuSE Local Security Checks
high
94213Fedora 24 : kernel (2016-db4b75b352) (Dirty COW)NessusFedora Local Security Checks
high
94212Fedora 23 : kernel (2016-c3558808cd) (Dirty COW)NessusFedora Local Security Checks
high
94182Amazon Linux AMI : kernel (ALAS-2016-757) (Dirty COW)NessusAmazon Linux Local Security Checks
high
94159Ubuntu 16.10 : linux vulnerability (USN-3107-1) (Dirty COW)NessusUbuntu Local Security Checks
high
94158Ubuntu 16.04 LTS : linux-snapdragon vulnerability (USN-3106-4) (Dirty COW)NessusUbuntu Local Security Checks
high
94157Ubuntu 16.04 LTS : linux-raspi2 vulnerability (USN-3106-3) (Dirty COW)NessusUbuntu Local Security Checks
high
94156Ubuntu 14.04 LTS : linux-lts-xenial vulnerability (USN-3106-2) (Dirty COW)NessusUbuntu Local Security Checks
high
94155Ubuntu 16.04 LTS : linux vulnerability (USN-3106-1) (Dirty COW)NessusUbuntu Local Security Checks
high
94154Ubuntu 12.04 LTS : linux-lts-trusty vulnerability (USN-3105-2) (Dirty COW)NessusUbuntu Local Security Checks
high
94153Ubuntu 14.04 LTS : linux vulnerability (USN-3105-1) (Dirty COW)NessusUbuntu Local Security Checks
high
94152Ubuntu 12.04 LTS : linux vulnerability (USN-3104-1) (Dirty COW)NessusUbuntu Local Security Checks
high
94146Debian DSA-3696-1 : linux - security update (Dirty COW)NessusDebian Local Security Checks
high
94144Debian DLA-670-1 : linux security update (Dirty COW)NessusDebian Local Security Checks
high