History: Dec 08, 2018 - 4:55 a.m.

Security Bulletin: Dirty COW Vulnerability (CVE-2016-5195)

2018-12-08 04:55:34
www.ibm.com

EPSS: 0.817 (Percentile: 98.4%)

Question

Security Bulletin: Dirty COW Vulnerability (CVE-2016-5195)

Answer

Summary

A vulnerability has been found in the Linux kernel. An attacker could exploit the vulnerability to increase their privileges on the system.

Vulnerability Details

CVEID: CVE-2016-5195

DESCRIPTION: A race condition was found in the way the Linux kernel’s memory subsystem handled the copy-on-write (COW) breakage of private read-only memory mappings. An unprivileged local user could use this flaw to gain write access to otherwise read-only memory mappings and thus increase their privileges on the system.

  • CVSS3 Base Score: 7.8
  • CVSS3 Base Metrics: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
  • Attack Vector: Local
  • Attack Complexity: Low
  • Privileges Required: Low
  • User Interaction: None
  • Scope: Unchanged
  • Confidentiality: High
  • Integrity Impact: High
  • Availability Impact: High

Affected Products

Aspera Files is not affected or exploitable as of October 29, when its servers were patched against this vulnerability.

Aspera On Demand systems (including ATCM) are affected and should be patched against this vulnerability.

Remediation

1. On your Aspera On Demand system run the following command:

yum clean all; yum install -y kernel openssh-server

2. Conduct a soft reboot (not a hard reset) of your system.
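
To confirm that both remediation steps took effect, the following check compares the running kernel with the newest installed kernel package and looks for the CVE identifier in that package's changelog. It is an added example, not part of the IBM bulletin; it assumes an RPM-based system and a vendor changelog that cites CVE identifiers, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the IBM bulletin): post-remediation check for
# CVE-2016-5195 on an RPM-based host. Function names are hypothetical.

# Read kernel version strings (one per line) on stdin and print the highest.
# sort -V (GNU coreutils) approximates rpm's own version ordering.
newest_kernel() {
    sort -V | tail -n 1
}

# kernel_status RUNNING: stdin lists the installed kernel versions.
# Prints "current" when the running kernel is the newest installed one,
# otherwise "reboot-pending" (step 2 of the remediation is still outstanding).
kernel_status() {
    ks_running=$1
    ks_newest=$(newest_kernel)
    if [ "$ks_running" = "$ks_newest" ]; then
        echo "current"
    else
        echo "reboot-pending"
    fi
}

# changelog_has_cve CVE-ID: stdin is a package changelog; succeeds if it
# mentions the identifier. Assumes the vendor cites CVE IDs in its changelog.
changelog_has_cve() {
    grep -qF -- "$1"
}

# Query the live system. The format string matches the output of `uname -r`.
check_live() {
    fmt='%{VERSION}-%{RELEASE}.%{ARCH}\n'
    running=$(uname -r)
    newest=$(rpm -q kernel --qf "$fmt" | newest_kernel)
    status=$(rpm -q kernel --qf "$fmt" | kernel_status "$running")
    echo "running kernel: $running ($status), newest installed: $newest"
    if rpm -q --changelog "kernel-$newest" | changelog_has_cve CVE-2016-5195; then
        echo "changelog of kernel-$newest cites CVE-2016-5195"
    else
        echo "changelog of kernel-$newest does not cite CVE-2016-5195"
    fi
}

# Only touch the system when explicitly asked: sh check.sh --live
if [ "${1:-}" = "--live" ]; then
    check_live
fi
```

A "reboot-pending" result after step 1 is expected; it should change to "current" once the soft reboot in step 2 has completed.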
