Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka “Dirty COW.”

References

git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=9691eac5593ff1e2f82391ad327f21d90322aec1

git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=e45a502bdeae5a075257c4f061d1ff4ff0821354

nvd.nist.gov/vuln/data-feeds

source.android.com/security/bulletin/2016-11-01.html

nessus 54

ibm 7

veracode 1

fedora 3

oraclelinux 7

zdt 7

seebug 2

ubuntu 10

archlinux 3

ubuntucve 1

openvas 35

centos 3

huawei 1

saint 4

suse 11

altlinux 1

android 1

myhack58 1

threatpost 3

redhat 12

attackerkb 1

f5 2

arista 1

cert 1

cisco 1

slackware 1

securelist 2

thn 4

debiancve 1

chrome 1

paloalto 1

cisa 1

cve 2

packetstorm 2

canvas 1

fortinet 1

prion 2

vmware 2

amazon 1

cisa_kev 1

redhatcve 1

malwarebytes 1

kitploit 1

nessus

Amazon Linux AMI : kernel (ALAS-2016-757) (Dirty COW)

2016-10-21 00:00:00

SUSE SLED12 / SLES12 Security Update : kernel (SUSE-SU-2016:2592-1) (Dirty COW)

2016-10-26 00:00:00

RHEL 6 : kernel (RHSA-2016:2106) (Dirty COW)

2016-10-27 00:00:00

ibm

Security Bulletin: Vulnerability in Linux Kernel affects ProtecTIER: Dirty COW vulnerability (CVE-2016-5195)

2022-02-16 22:09:18

Security Bulletin: IBM Security Access Manager appliances may be affected by a kernel vulnerability known as the Dirty COW bug (CVE-2016-5195)

2018-06-16 21:50:05

Security Bulletin: Linux kernel privesc Dirty COW vulnerability affects Tivoli Business Service Manager (CVE-2016-5195)

2018-06-17 15:32:54

veracode

Arbitrary Code Execution

2019-01-15 09:14:05

fedora

[SECURITY] Fedora 24 Update: kernel-4.7.9-200.fc24

2016-10-22 17:20:39

[SECURITY] Fedora 23 Update: kernel-4.7.9-100.fc23

2016-10-23 22:49:20

[SECURITY] Fedora 25 Update: kernel-4.8.3-300.fc25

2016-10-22 12:53:27

oraclelinux

Unbreakable Enterprise kernel security update

2016-10-21 00:00:00

kernel security update

2016-10-24 00:00:00

kernel security update

2016-10-25 00:00:00

zdt

Linux Kernel 2.6.22 < 3.9 - Dirty COW PTRACE_POKEDATA Race Condition Privilege Escalation (/etc/p

2016-11-29 00:00:00

Linux Kernel 2.6.22 < 3.9 - Dirty COW /proc/self/mem Race Condition Privilege Escalation (/etc/pa

2016-11-29 00:00:00

Linux Kernel 2.6.22 < 3.9 - Dirty COW /proc/self/mem Race Condition Privilege Escalation (/etc/pa

2016-11-30 00:00:00

seebug

"Huge Dirty COW" (CVE-2017–1000405)

2017-11-30 00:00:00

Linux kernel 2.6.22 < 3.9 elevation of privilege vulnerability (Dirty COW)

2016-10-22 00:00:00

ubuntu

Linux kernel vulnerability

2016-10-20 00:00:00

Linux kernel (Qualcomm Snapdragon) vulnerability

2016-10-20 00:00:00

Linux kernel vulnerability

2016-10-20 00:00:00

archlinux

[ASA-201610-14] linux: privilege escalation

2016-10-22 00:00:00

[ASA-201610-11] linux-lts: privilege escalation

2016-10-21 00:00:00

[ASA-201610-16] linux-grsec: privilege escalation

2016-10-24 00:00:00

ubuntucve

CVE-2016-5195

2016-10-19 00:00:00

openvas

Amazon Linux: Security Advisory (ALAS-2016-757)

2016-10-26 00:00:00

Ubuntu: Security Advisory (USN-3106-2)

2016-10-21 00:00:00

Ubuntu: Security Advisory (USN-3105-1)

2016-10-21 00:00:00

centos

kernel, perf, python security update

2016-10-25 11:17:10

kernel, perf, python security update

2016-10-26 07:33:13

kernel security update

2016-10-28 13:34:09

huawei

Security Advisory - Dirty COW Vulnerability in Huawei Products

2016-12-07 00:00:00

saint

Linux Dirty COW Local File Overwrite

2016-10-27 00:00:00

Linux Dirty COW Local File Overwrite

2016-10-27 00:00:00

Linux Dirty COW Local File Overwrite

2016-10-27 00:00:00

suse

Security update for the Linux Kernel (important)

2016-10-21 17:17:10

Security update for the Linux Kernel (important)

2016-10-21 19:14:25

Security update for the Linux Kernel (important)

2016-10-21 21:08:21

altlinux

Security fix for the ALT Linux 7 package kernel-image-std-def version 1:3.14.79-alt0.M70P.2

2016-10-25 00:00:00

android

dirtyc0w

2016-10-13 00:00:00

myhack58

CVE-2 0 1 6-5 1 9 5 dirty cattle vulnerability: the Linux kernel through kill to mention the right vulnerability-vulnerability warning-the black bar safety net

2016-10-21 00:00:00

threatpost

Serious Dirty Cow Linux Vulnerability Under Attack

2016-10-21 11:21:36

Dirty Cow Vulnerability Patched in Android Security Bulletin

2016-12-05 15:32:51

Flaw Found In Dirty COW Patch

2017-12-01 11:43:06

redhat

(RHSA-2016:2127) Important: kernel security update

2016-10-31 00:00:00

(RHSA-2016:2105) Important: kernel security update

2016-10-25 20:57:14

(RHSA-2016:2118) Important: kernel security update

2016-10-26 15:24:13

attackerkb

CVE-2016-5195

2016-11-10 00:00:00

K10558632 : Linux privilege-escalation vulnerability CVE-2016-5195

2016-10-21 00:00:00

SOL10558632 - Linux privilege-escalation vulnerability (Dirty COW) CVE-2016-5195

2016-10-21 00:00:00

arista

Security Advisory 0026

2016-10-21 00:00:00

cert

Linux kernel memory subsystem copy on write mechanism contains a race condition vulnerability

2016-10-21 00:00:00

cisco

Vulnerability in Linux Kernel Affecting Cisco Products: October 2016

2016-10-26 15:00:00

slackware

[slackware-security] kernel

2016-11-01 03:40:05

securelist

Mobile malware evolution 2019

2020-02-25 10:00:43

APT trends report Q1 2019

2019-04-30 10:00:31

thn

Dirty COW — Critical Linux Kernel Flaw Being Exploited in the Wild

2016-10-20 23:02:00

'Exodus' Surveillance Malware Found Targeting Apple iOS Users

2019-04-09 07:19:00

First Android Malware Found Exploiting Dirty COW Linux Flaw to Gain Root Privileges

2017-09-26 02:52:00

debiancve

CVE-2016-5195

2016-11-10 21:59:00

chrome

Stable Channel Update for Chrome OS

2016-10-26 00:00:00

paloalto

Kernel Vulnerability

2017-02-21 19:30:00

cisa

Linux Kernel Vulnerability

2016-10-21 00:00:00

cve

CVE-2016-5195

2016-11-10 21:59:00

CVE-2016-3919

2016-11-25 18:59:00

packetstorm

Linux Kernel Dirty COW PTRACE_POKEDATA Privilege Escalation

2016-11-28 00:00:00

Linux Kernel Dirty COW PTRACE_POKEDATA Privilege Escalation

2016-11-25 00:00:00

canvas

Immunity Canvas: LINUX_FOLL_WRITE_COW

2016-11-10 21:59:00

fortinet

Linux Kernel Dirty Cow Vulnerability

2016-11-09 00:00:00

prion

Race condition

2016-11-10 21:59:00

Design/Logic Flaw

2016-11-25 18:59:00

vmware

VMware product updates address local privilege escalation vulnerability in Linux kernel

2016-11-09 00:00:00

VMware product updates address local privilege escalation vulnerability in Linux kernel

2016-11-09 00:00:00

amazon

Critical: kernel

2016-10-20 04:11:00

cisa_kev

Linux Kernel Race Condition Vulnerability

2022-03-03 00:00:00

redhatcve

CVE-2017-1000405

2017-11-30 07:49:34

malwarebytes

Linux “Dirty Pipe” vulnerability gives unprivileged users root access

2022-03-11 14:38:30

kitploit

K0Otkit - Universal Post-Penetration Technique Which Could Be Used In Penetrations Against Kubernetes Clusters

2022-05-31 12:30:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

7.2 High

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

JSON

Related for ANDROID:CVE-2016-5195