Lucene search

K
cveChromeCVE-2016-5195
HistoryNov 10, 2016 - 9:59 p.m.

CVE-2016-5195

2016-11-1021:59:00
CWE-362
Chrome
web.nvd.nist.gov
1707
In Wild
21
20
cve-2016-5195
race condition
linux kernel
cow
dirty cow
nvd

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.8

Confidence

High

EPSS

0.817

Percentile

98.4%

Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka “Dirty COW.”

Affected configurations

Nvd
Node
canonicalubuntu_linuxMatch12.04-
OR
canonicalubuntu_linuxMatch14.04esm
OR
canonicalubuntu_linuxMatch16.04esm
OR
canonicalubuntu_linuxMatch16.10
Node
linuxlinux_kernelRange2.6.223.2.83
OR
linuxlinux_kernelRange3.33.4.113
OR
linuxlinux_kernelRange3.53.10.104
OR
linuxlinux_kernelRange3.113.12.66
OR
linuxlinux_kernelRange3.133.16.38
OR
linuxlinux_kernelRange3.173.18.44
OR
linuxlinux_kernelRange3.194.1.35
OR
linuxlinux_kernelRange4.24.4.26
OR
linuxlinux_kernelRange4.54.7.9
OR
linuxlinux_kernelRange4.84.8.3
Node
redhatenterprise_linuxMatch5
OR
redhatenterprise_linuxMatch6.0
OR
redhatenterprise_linuxMatch7.0
OR
redhatenterprise_linux_ausMatch6.2
OR
redhatenterprise_linux_ausMatch6.4
OR
redhatenterprise_linux_ausMatch6.5
OR
redhatenterprise_linux_eusMatch6.6
OR
redhatenterprise_linux_eusMatch6.7
OR
redhatenterprise_linux_eusMatch7.1
OR
redhatenterprise_linux_long_lifeMatch5.6
OR
redhatenterprise_linux_long_lifeMatch5.9
OR
redhatenterprise_linux_tusMatch6.5
Node
debiandebian_linuxMatch7.0
OR
debiandebian_linuxMatch8.0
Node
fedoraprojectfedoraMatch23
OR
fedoraprojectfedoraMatch24
OR
fedoraprojectfedoraMatch25
Node
paloaltonetworkspan-osRange5.17.0.14
OR
paloaltonetworkspan-osRange7.1.07.1.8
Node
netappcloud_backupMatch-
OR
netapphci_storage_nodesMatch-
OR
netapponcommand_balanceMatch-
OR
netapponcommand_performance_managerMatch-
OR
netapponcommand_unified_manager_for_clustered_data_ontapMatch-
OR
netappontap_select_deploy_administration_utilityMatch-
OR
netappsnapprotectMatch-
OR
netappsolidfireMatch-
VendorProductVersionCPE
canonicalubuntu_linux12.04cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
canonicalubuntu_linux14.04cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
canonicalubuntu_linux16.04cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
canonicalubuntu_linux16.10cpe:2.3:o:canonical:ubuntu_linux:16.10:*:*:*:*:*:*:*
linuxlinux_kernel*cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
redhatenterprise_linux5cpe:2.3:o:redhat:enterprise_linux:5:*:*:*:*:*:*:*
redhatenterprise_linux6.0cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
redhatenterprise_linux7.0cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
redhatenterprise_linux_aus6.2cpe:2.3:o:redhat:enterprise_linux_aus:6.2:*:*:*:*:*:*:*
redhatenterprise_linux_aus6.4cpe:2.3:o:redhat:enterprise_linux_aus:6.4:*:*:*:*:*:*:*
Rows per page:
1-10 of 311

References

Social References

More

CVSS2

7.2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:C/I:C/A:C

CVSS3

7

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

AI Score

7.8

Confidence

High

EPSS

0.817

Percentile

98.4%