National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

CVE-2016-5195 Detail

Description

Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."

Source:  MITRE      Last Modified:  11/10/2016

Quick Info

CVE Dictionary Entry:
CVE-2016-5195
Original release date:
11/10/2016
Last revised:
01/04/2018
Source:
US-CERT/NIST

Impact

CVSS Severity (version 3.0):
CVSS v3 Base Score:
7.8 High
Vector:
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H (legend)
Impact Score:
5.9
Exploitability Score:
1.8
CVSS Version 3 Metrics:
Attack Vector (AV):
Local
Attack Complexity (AC):
Low
Privileges Required (PR):
Low
User Interaction (UI):
None
Scope (S):
Unchanged
Confidentiality (C):
High
Integrity (I):
High
Availability (A):
High
CVSS Severity (version 2.0):
CVSS v2 Base Score:
7.2 HIGH
Vector:
(AV:L/AC:L/Au:N/C:C/I:C/A:C) (legend)
Impact Subscore:
10.0
Exploitability Subscore:
3.9
CVSS Version 2 Metrics:
Access Vector:
Locally exploitable
Access Complexity:
Low
Authentication:
Not required to exploit
Impact Type:
Allows unauthorized disclosure of information; Allows unauthorized modification; Allows disruption of service

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

Hyperlink Resource Type Source Name
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619 Issue Tracking; Patch External Source CONFIRM http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619
http://rhn.redhat.com/errata/RHSA-2016-2098.html External Source REDHAT RHSA-2016:2098
http://rhn.redhat.com/errata/RHSA-2016-2105.html External Source REDHAT RHSA-2016:2105
http://rhn.redhat.com/errata/RHSA-2016-2106.html External Source REDHAT RHSA-2016:2106
http://rhn.redhat.com/errata/RHSA-2016-2107.html External Source REDHAT RHSA-2016:2107
http://rhn.redhat.com/errata/RHSA-2016-2110.html External Source REDHAT RHSA-2016:2110
http://rhn.redhat.com/errata/RHSA-2016-2118.html External Source REDHAT RHSA-2016:2118
http://rhn.redhat.com/errata/RHSA-2016-2120.html External Source REDHAT RHSA-2016:2120
http://rhn.redhat.com/errata/RHSA-2016-2124.html External Source REDHAT RHSA-2016:2124
http://rhn.redhat.com/errata/RHSA-2016-2126.html External Source REDHAT RHSA-2016:2126
http://rhn.redhat.com/errata/RHSA-2016-2127.html External Source REDHAT RHSA-2016:2127
http://rhn.redhat.com/errata/RHSA-2016-2128.html External Source REDHAT RHSA-2016:2128
http://rhn.redhat.com/errata/RHSA-2016-2132.html External Source REDHAT RHSA-2016:2132
http://rhn.redhat.com/errata/RHSA-2016-2133.html External Source REDHAT RHSA-2016:2133
http://securityadvisories.paloaltonetworks.com/Home/Detail/73 External Source CONFIRM http://securityadvisories.paloaltonetworks.com/Home/Detail/73
http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.3 Release Notes; Vendor Advisory External Source CONFIRM http://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.8.3
http://www.openwall.com/lists/oss-security/2016/10/26/7 Mailing List; Third Party Advisory External Source MLIST [oss-security] 20161026 Re: CVE-2016-5195 "Dirty COW" Linux kernel privilege escalation vulnerability
http://www.securityfocus.com/bid/93793 External Source BID 93793
http://www.securitytracker.com/id/1037078 External Source SECTRACK 1037078
https://access.redhat.com/errata/RHSA-2017:0372 External Source REDHAT RHSA-2017:0372
https://access.redhat.com/security/cve/cve-2016-5195 Third Party Advisory External Source CONFIRM https://access.redhat.com/security/cve/cve-2016-5195
https://access.redhat.com/security/vulnerabilities/2706661 Third Party Advisory External Source CONFIRM https://access.redhat.com/security/vulnerabilities/2706661
https://bto.bluecoat.com/security-advisory/sa134 External Source CONFIRM https://bto.bluecoat.com/security-advisory/sa134
https://bugzilla.redhat.com/show_bug.cgi?id=1384344 Issue Tracking External Source CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=1384344
https://bugzilla.suse.com/show_bug.cgi?id=1004418 Issue Tracking External Source CONFIRM https://bugzilla.suse.com/show_bug.cgi?id=1004418
https://dirtycow.ninja Third Party Advisory External Source MISC https://dirtycow.ninja
https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs Third Party Advisory External Source MISC https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs
https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails Third Party Advisory External Source MISC https://github.com/dirtycow/dirtycow.github.io/wiki/VulnerabilityDetails
https://github.com/torvalds/linux/commit/19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619 Issue Tracking; Patch; Third Party Advisory External Source CONFIRM https://github.com/torvalds/linux/commit/19be0eaffa3ac7d8eb6784ad9bdbc7d67ed8e619
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03707en_us External Source CONFIRM https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03707en_us
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03722en_us External Source CONFIRM https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03722en_us
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03742en_us External Source CONFIRM https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03742en_us
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03761en_us External Source CONFIRM https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03761en_us
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05341463 External Source CONFIRM https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05341463
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541 External Source CONFIRM https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05347541
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05352241 External Source CONFIRM https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05352241
https://kc.mcafee.com/corporate/index?page=content&id=SB10176 External Source CONFIRM https://kc.mcafee.com/corporate/index?page=content&id=SB10176
https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5195.html Third Party Advisory External Source CONFIRM https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-5195.html
https://security.netapp.com/advisory/ntap-20161025-0001/ External Source CONFIRM https://security.netapp.com/advisory/ntap-20161025-0001/
https://security-tracker.debian.org/tracker/CVE-2016-5195 Issue Tracking; Third Party Advisory External Source CONFIRM https://security-tracker.debian.org/tracker/CVE-2016-5195
https://source.android.com/security/bulletin/2016-11-01.html External Source CONFIRM https://source.android.com/security/bulletin/2016-11-01.html
https://source.android.com/security/bulletin/2016-12-01.html External Source CONFIRM https://source.android.com/security/bulletin/2016-12-01.html
https://www.exploit-db.com/exploits/40611/ External Source EXPLOIT-DB 40611
https://www.exploit-db.com/exploits/40616/ External Source EXPLOIT-DB 40616
https://www.exploit-db.com/exploits/40839/ External Source EXPLOIT-DB 40839
https://www.exploit-db.com/exploits/40847/ External Source EXPLOIT-DB 40847
https://www.kb.cert.org/vuls/id/243144 Third Party Advisory; US Government Resource External Source CERT-VN VU#243144

Technical Details

Vulnerability Type (View All)

Change History 17 change records found - show changes