Vulnerability CVE-2016-5195: Information

Description

Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."

Severity: HIGH (7.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2016-5195

Published: Nov. 11, 2016

Modified: Nov. 7, 2023

Error type identifier: CWE-362

Fixed packages

Package name	Branch	Fixed in version	Version from repository	Errata ID	Task #	State
kernel-image-ovz-el	p8	2.6.32-alt144	2.6.32-alt170.M80P.1	ALT-PU-2016-2148-1	171221	Fixed
kernel-image-std-def	sisyphus	4.4.26-alt1	6.1.90-alt1	ALT-PU-2016-2128-1	171136	Fixed
kernel-image-std-def	p10	4.4.26-alt1	5.10.216-alt1	ALT-PU-2016-2128-1	171136	Fixed
kernel-image-std-def	p9	4.4.26-alt1	5.4.275-alt1	ALT-PU-2016-2128-1	171136	Fixed
kernel-image-std-def	p8	4.4.26-alt0.M80P.1	4.9.337-alt0.M80P.1	ALT-PU-2016-2140-1	171145	Fixed
kernel-image-std-def	c9f2	4.4.26-alt1	5.10.214-alt0.c9f.2	ALT-PU-2016-2128-1	171136	Fixed
kernel-image-std-def	c7	3.14.59-alt1.M70C.6	4.4.277-alt0.M70C.1	ALT-PU-2016-2163-1	171285	Fixed
kernel-image-un-def	sisyphus	4.7.9-alt1	6.6.30-alt1	ALT-PU-2016-2139-1	171139	Fixed
kernel-image-un-def	p10	4.7.9-alt1	6.1.85-alt1	ALT-PU-2016-2139-1	171139	Fixed
kernel-image-un-def	p9	4.7.9-alt1	5.10.215-alt1	ALT-PU-2016-2139-1	171139	Fixed
kernel-image-un-def	p8	4.7.9-alt0.M80P.1	4.19.310-alt0.M80P.1	ALT-PU-2016-2142-1	171150	Fixed
kernel-image-un-def	c10f1	4.7.9-alt1	6.1.85-alt0.c10f.1	ALT-PU-2016-2139-1	171139	Fixed
kernel-image-un-def	c9f2	4.7.9-alt1	5.10.29-alt2	ALT-PU-2016-2139-1	171139	Fixed
kernel-image-un-def	c7	4.4.26-alt0.M70C.2	4.9.277-alt0.M70C.1	ALT-PU-2016-2158-1	171149	Fixed

References to Advisories, Solutions, and Tools

Hyperlink	Resource
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.3	Release Notes Vendor Advisory
https://dirtycow.ninja	Third Party Advisory
https://security-tracker.debian.org/tracker/CVE-2016-5195	Issue Tracking Third Party Advisory
https://access.redhat.com/security/cve/cve-2016-5195	Third Party Advisory
https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails	Third Party Advisory
https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5195.html	Third Party Advisory
https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs	Third Party Advisory
https://github.com/torvalds/linux/commit/19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619	Issue Tracking Patch Third Party Advisory
https://bugzilla.suse.com/show_bug.cgi?id=1004418	Issue Tracking Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1384344	Issue Tracking Third Party Advisory
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619	Issue Tracking Patch Vendor Advisory
[oss-security] 20161026 Re: CVE-2016-5195 "Dirty COW" Linux kernel privilege escalation vulnerability	Mailing List Third Party Advisory
https://access.redhat.com/security/vulnerabilities/2706661	Third Party Advisory
VU#243144	Third Party Advisory US Government Resource
93793	Third Party Advisory VDB Entry
https://source.android.com/security/bulletin/2016-11-01.html	Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05341463	Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541	Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05352241	Third Party Advisory
40847	Third Party Advisory VDB Entry
40839	Third Party Advisory VDB Entry
https://kc.mcafee.com/corporate/index?page=content&id=SB10176	Third Party Advisory
https://bto.bluecoat.com/security-advisory/sa134	Third Party Advisory
https://source.android.com/security/bulletin/2016-12-01.html	Third Party Advisory
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03722en_us	Third Party Advisory
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03707en_us	Third Party Advisory
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03742en_us	Third Party Advisory
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03761en_us	Third Party Advisory
1037078	Third Party Advisory VDB Entry
40616	Third Party Advisory VDB Entry
40611	Third Party Advisory VDB Entry
https://security.netapp.com/advisory/ntap-20161025-0001/	Third Party Advisory
RHSA-2017:0372	Third Party Advisory
RHSA-2016:2133	Third Party Advisory
RHSA-2016:2132	Third Party Advisory
RHSA-2016:2128	Third Party Advisory
RHSA-2016:2127	Third Party Advisory
RHSA-2016:2126	Third Party Advisory
RHSA-2016:2124	Third Party Advisory
RHSA-2016:2120	Third Party Advisory
RHSA-2016:2118	Third Party Advisory
RHSA-2016:2110	Third Party Advisory
RHSA-2016:2107	Third Party Advisory
RHSA-2016:2106	Third Party Advisory
RHSA-2016:2105	Third Party Advisory
RHSA-2016:2098	Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html	Patch Third Party Advisory
https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes	Third Party Advisory
https://security.paloaltonetworks.com/CVE-2016-5195	Third Party Advisory
openSUSE-SU-2020:0554	Mailing List Third Party Advisory
openSUSE-SU-2016:2649	Mailing List Third Party Advisory
20170331 [security bulletin] HPESBGN03722 rev.1 - HPE Operations Agent, Local Escalation of Privilege	Third Party Advisory VDB Entry
DSA-3696	Third Party Advisory
http://packetstormsecurity.com/files/139277/Kernel-Live-Patch-Security-Notice-LSN-0012-1.html	Third Party Advisory VDB Entry
SUSE-SU-2016:3304	Mailing List Third Party Advisory
http://fortiguard.com/advisory/FG-IR-16-063	Third Party Advisory
SUSE-SU-2016:2657	Mailing List Third Party Advisory
USN-3104-2	Third Party Advisory
USN-3104-1	Third Party Advisory
https://kc.mcafee.com/corporate/index?page=content&id=SB10222	Third Party Advisory
http://packetstormsecurity.com/files/139286/DirtyCow-Linux-Kernel-Race-Condition.html	Third Party Advisory VDB Entry
20161026 Vulnerability in Linux Kernel Affecting Cisco Products: October 2016	Third Party Advisory
[oss-security] 20161021 CVE-2016-5195 "Dirty COW" Linux kernel privilege escalation vulnerability	Mailing List Third Party Advisory
20161020 [CVE-2016-5195] "Dirty COW" Linux privilege escalation vulnerability	Third Party Advisory VDB Entry
SUSE-SU-2016:2658	Mailing List Third Party Advisory
20161020 [CVE-2016-5195] "Dirty COW" Linux privilege escalation vulnerability	Third Party Advisory VDB Entry
SUSE-SU-2016:3069	Mailing List Third Party Advisory
SUSE-SU-2016:2673	Mailing List Third Party Advisory
http://packetstormsecurity.com/files/139922/Linux-Kernel-Dirty-COW-PTRACE_POKEDATA-Privilege-Escalation.html	Third Party Advisory VDB Entry
SUSE-SU-2016:2633	Mailing List Third Party Advisory
https://kc.mcafee.com/corporate/index?page=content&id=SB10177	Third Party Advisory
SUSE-SU-2016:2636	Mailing List Third Party Advisory
20181107 Cisco TelePresence Video Communication Server Test Validation Script Issue	Third Party Advisory
http://packetstormsecurity.com/files/139287/DirtyCow-Local-Root-Proof-Of-Concept.html	Third Party Advisory VDB Entry
openSUSE-SU-2016:2583	Mailing List Third Party Advisory
SUSE-SU-2016:2630	Mailing List Third Party Advisory
USN-3105-1	Third Party Advisory
USN-3105-2	Third Party Advisory
SUSE-SU-2016:2634	Mailing List Third Party Advisory
[oss-security] 20161103 Re: CVE-2016-5195 "Dirty COW" Linux kernel privilege escalation vulnerability	Mailing List Third Party Advisory
SUSE-SU-2016:2596	Mailing List Third Party Advisory
http://packetstormsecurity.com/files/142151/Kernel-Live-Patch-Security-Notice-LSN-0021-1.html	Third Party Advisory VDB Entry
20170615 [security bulletin] HPESBGN03761 rev.1 - HPE Virtualization Performance Viewer (VPV)/ Cloud Optimizer using Linux, Remote Escalation of Privilege	Third Party Advisory VDB Entry
SUSE-SU-2016:2635	Mailing List Third Party Advisory
SUSE-SU-2016:2585	Mailing List Third Party Advisory
USN-3106-4	Third Party Advisory
USN-3106-3	Third Party Advisory
[oss-security] 20161030 Re: CVE-2016-5195 test case	Mailing List Third Party Advisory
SUSE-SU-2016:2592	Mailing List Third Party Advisory
SUSE-SU-2016:2629	Mailing List Third Party Advisory
https://www.arista.com/en/support/advisories-notices/security-advisories/1753-security-advisory-0026	Third Party Advisory
USN-3106-2	Third Party Advisory
USN-3106-1	Third Party Advisory
SUSE-SU-2016:2637	Mailing List Third Party Advisory
SUSE-SU-2016:2631	Mailing List Third Party Advisory
openSUSE-SU-2016:2584	Mailing List Third Party Advisory
20170310 [security bulletin] HPESBGN03707 rev.1 - HPE ConvergedSystem 700 2.0 VMware Kit, Remote Increase of Privilege	Third Party Advisory VDB Entry
openSUSE-SU-2016:2625	Mailing List Third Party Advisory
http://packetstormsecurity.com/files/139923/Linux-Kernel-Dirty-COW-PTRACE_POKEDATA-Privilege-Escalation.html	Third Party Advisory VDB Entry
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10807	Third Party Advisory
20170615 [security bulletin] HPESBGN03761 rev.1 - HPE Virtualization Performance Viewer (VPV)/ Cloud Optimizer using Linux, Remote Escalation of Privilege	Third Party Advisory VDB Entry
SUSE-SU-2016:2632	Mailing List Third Party Advisory
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10774	Third Party Advisory
SUSE-SU-2016:2593	Mailing List Third Party Advisory
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10770	Third Party Advisory
20170331 [security bulletin] HPESBGN03722 rev.1 - HPE Operations Agent, Local Escalation of Privilege	Third Party Advisory VDB Entry
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20161207-01-dirtycow-en	Third Party Advisory
SUSE-SU-2016:2638	Mailing List Third Party Advisory
SUSE-SU-2016:2659	Mailing List Third Party Advisory
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05352241	Third Party Advisory
SUSE-SU-2016:2655	Mailing List Third Party Advisory
USN-3107-2	Third Party Advisory
SUSE-SU-2016:2614	Mailing List Third Party Advisory
[oss-security] 20161027 CVE-2016-5195 test case	Mailing List Third Party Advisory
USN-3107-1	Third Party Advisory
20170310 [security bulletin] HPESBGN03707 rev.1 - HPE ConvergedSystem 700 2.0 VMware Kit, Remote Increase of Privilege	Third Party Advisory VDB Entry
[oss-security] 20220307 CVE-2022-0847: Linux kernel: overwriting read-only files	Mailing List Third Party Advisory
[oss-security] 20220808 Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions	Mailing List Third Party Advisory
[oss-security] 20220808 Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions	Mailing List Third Party Advisory
[oss-security] 20220808 CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions	Mailing List Third Party Advisory
[oss-security] 20220808 Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions	Mailing List Third Party Advisory
[oss-security] 20220809 Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions	Mailing List Third Party Advisory
[oss-security] 20220815 Re: CVE-2022-2590: Linux kernel: Modifying shmem/tmpfs files without write permissions	Mailing List Third Party Advisory
FEDORA-2016-c3558808cd
FEDORA-2016-db4b75b352
FEDORA-2016-c8a0c7eece

Affected configurations:
1. Configuration 1
  cpe:2.3:o:canonical:ubuntu_linux:16.10:*:*:*:*:*:*:*
  cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
  cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
  cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
  
  Configuration 2
  cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  Start including
  3.3
  End excliding
  3.4.113
  cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  Start including
  2.6.22
  End excliding
  3.2.83
  cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  Start including
  3.5
  End excliding
  3.10.104
  cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  Start including
  3.11
  End excliding
  3.12.66
  cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  Start including
  3.13
  End excliding
  3.16.38
  cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  Start including
  3.17
  End excliding
  3.18.44
  cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  Start including
  3.19
  End excliding
  4.1.35
  cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  Start including
  4.2
  End excliding
  4.4.26
  cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  Start including
  4.5
  End excliding
  4.7.9
  cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
  Start including
  4.8
  End excliding
  4.8.3
  
  Configuration 3
  cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_tus:6.5:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_eus:6.7:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_long_life:5.6:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_aus:6.4:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_long_life:5.9:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_aus:6.2:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_eus:7.1:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_eus:6.6:*:*:*:*:*:*:*
  cpe:2.3:o:redhat:enterprise_linux_aus:6.5:*:*:*:*:*:*:*
  
  Configuration 4
  cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
  cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

Version: v24.5.0

Vulnerability CVE-2016-5195: Information

Description

Fixed packages

References to Advisories, Solutions, and Tools

Configuration 1

Configuration 2

Configuration 3

Configuration 4