The Linux kernel which ships with the base operating system of VMware Appliances contains a race condition in the way its memory subsystem handles copy-on-write (aka “Dirty COW”). Successful exploitation of the vulnerability may allow for local privilege escalation. The product lines listed in this advisory have been confirmed to be affected. VMware product lines that are not affected are documented in VMware Knowledge Base article 2147515.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the identifier CVE-2016-5195 to this issue.

Column 5 of the following table lists the action required to remediate the vulnerability in each release, if a solution is available.

openvas 24

nessus 56

android 2

oraclelinux 8

saint 4

thn 4

securelist 2

redhat 13

zdt 7

suse 17

chrome 1

paloalto 1

debiancve 1

ubuntu 10

ibm 7

veracode 1

fedora 3

seebug 2

centos 3

huawei 1

archlinux 3

ubuntucve 1

altlinux 1

threatpost 3

myhack58 1

f5 2

attackerkb 1

arista 1

cisco 1

slackware 1

cert 1

cisa 1

packetstorm 2

cve 2

canvas 1

fortinet 1

prion 2

vmware 1

cisa_kev 1

amazon 1

redhatcve 1

malwarebytes 1

kitploit 1

mageia 1

openvas

Fedora Update for kernel FEDORA-2016-c3558808cd

2016-11-14 00:00:00

Ubuntu Update for linux-lts-trusty USN-3105-2

2016-10-21 00:00:00

RedHat Update for kernel RHSA-2016:2098-01

2016-10-25 00:00:00

nessus

SUSE SLES11 Security Update : kernel (SUSE-SU-2016:2596-1) (Dirty COW)

2016-10-26 00:00:00

SUSE SLES11 Security Update : kernel (SUSE-SU-2016:2585-1) (Dirty COW)

2016-10-26 00:00:00

Scientific Linux Security Update : Important: kernel on SL6.x i386/x86_64 (20161025) (Dirty COW)

2016-10-26 00:00:00

android

CVE-2016-5195

2016-11-01 00:00:00

dirtyc0w

2016-10-13 00:00:00

oraclelinux

Unbreakable Enterprise kernel security update

2016-10-21 00:00:00

kernel security update

2016-10-24 00:00:00

Unbreakable Enterprise kernel security update

2016-10-21 00:00:00

saint

Linux Dirty COW Local File Overwrite

2016-10-27 00:00:00

Linux Dirty COW Local File Overwrite

2016-10-27 00:00:00

Linux Dirty COW Local File Overwrite

2016-10-27 00:00:00

thn

Dirty COW — Critical Linux Kernel Flaw Being Exploited in the Wild

2016-10-20 23:02:00

'Exodus' Surveillance Malware Found Targeting Apple iOS Users

2019-04-09 07:19:00

Researchers Warn of Linux Kernel 'Dirty Pipe' Arbitrary File Overwrite Vulnerability

2022-03-08 07:43:00

securelist

Mobile malware evolution 2019

2020-02-25 10:00:43

APT trends report Q1 2019

2019-04-30 10:00:31

redhat

(RHSA-2016:2126) Important: kernel security update

2016-10-31 00:00:00

(RHSA-2016:2098) Important: kernel security update

2016-10-24 12:01:05

(RHSA-2016:2127) Important: kernel security update

2016-10-31 00:00:00

zdt

DirtyCow Linux Kernel Race Condition Exploit

2016-10-22 00:00:00

Linux Kernel 2.6.22 < 3.9 - Dirty COW PTRACE_POKEDATA Race Condition Privilege Escalation (/etc/p

2016-11-29 00:00:00

Linux Kernel 2.6.22 < 3.9 - Dirty COW /proc/self/mem Race Condition Privilege Escalation (/etc/pa

2016-11-29 00:00:00

suse

Security update for the Linux Kernel (important)

2016-10-21 19:14:25

Security update for the Linux Kernel (important)

2016-10-21 21:08:21

Security update for the Linux Kernel (important)

2016-10-21 17:17:10

chrome

Stable Channel Update for Chrome OS

2016-10-26 00:00:00

paloalto

Kernel Vulnerability

2017-02-21 19:30:00

debiancve

CVE-2016-5195

2016-11-10 21:59:00

ubuntu

Linux kernel vulnerability

2016-10-20 00:00:00

Linux kernel (OMAP4) vulnerability

2016-10-20 00:00:00

Linux kernel (Qualcomm Snapdragon) vulnerability

2016-10-20 00:00:00

ibm

Security Bulletin: Vulnerability in Linux Kernel affects ProtecTIER: Dirty COW vulnerability (CVE-2016-5195)

2022-02-16 22:09:18

Security Bulletin: IBM Security Access Manager appliances may be affected by a kernel vulnerability known as the Dirty COW bug (CVE-2016-5195)

2018-06-16 21:50:05

Security Bulletin: IBM Flex System Manager (FSM) is affected by a kernel vulnerability

2018-06-18 01:34:54

veracode

Arbitrary Code Execution

2019-01-15 09:14:05

fedora

[SECURITY] Fedora 24 Update: kernel-4.7.9-200.fc24

2016-10-22 17:20:39

[SECURITY] Fedora 23 Update: kernel-4.7.9-100.fc23

2016-10-23 22:49:20

[SECURITY] Fedora 25 Update: kernel-4.8.3-300.fc25

2016-10-22 12:53:27

seebug

Linux kernel 2.6.22 < 3.9 elevation of privilege vulnerability (Dirty COW)

2016-10-22 00:00:00

"Huge Dirty COW" (CVE-2017–1000405)

2017-11-30 00:00:00

centos

kernel, perf, python security update

2016-10-25 11:17:10

kernel, perf, python security update

2016-10-26 07:33:13

kernel security update

2016-10-28 13:34:09

huawei

Security Advisory - Dirty COW Vulnerability in Huawei Products

2016-12-07 00:00:00

archlinux

[ASA-201610-14] linux: privilege escalation

2016-10-22 00:00:00

[ASA-201610-11] linux-lts: privilege escalation

2016-10-21 00:00:00

[ASA-201610-16] linux-grsec: privilege escalation

2016-10-24 00:00:00

ubuntucve

CVE-2016-5195

2016-10-19 00:00:00

altlinux

Security fix for the ALT Linux 7 package kernel-image-std-def version 1:3.14.79-alt0.M70P.2

2016-10-25 00:00:00

threatpost

Serious Dirty Cow Linux Vulnerability Under Attack

2016-10-21 11:21:36

Flaw Found In Dirty COW Patch

2017-12-01 11:43:06

Dirty Cow Vulnerability Patched in Android Security Bulletin

2016-12-05 15:32:51

myhack58

CVE-2 0 1 6-5 1 9 5 dirty cattle vulnerability: the Linux kernel through kill to mention the right vulnerability-vulnerability warning-the black bar safety net

2016-10-21 00:00:00

K10558632 : Linux privilege-escalation vulnerability CVE-2016-5195

2016-10-21 00:00:00

SOL10558632 - Linux privilege-escalation vulnerability (Dirty COW) CVE-2016-5195

2016-10-21 00:00:00

attackerkb

CVE-2016-5195

2016-11-10 00:00:00

arista

Security Advisory 0026

2016-10-21 00:00:00

cisco

Vulnerability in Linux Kernel Affecting Cisco Products: October 2016

2016-10-26 15:00:00

slackware

[slackware-security] kernel

2016-11-01 03:40:05

cert

Linux kernel memory subsystem copy on write mechanism contains a race condition vulnerability

2016-10-21 00:00:00

cisa

Linux Kernel Vulnerability

2016-10-21 00:00:00

packetstorm

Linux Kernel Dirty COW PTRACE_POKEDATA Privilege Escalation

2016-11-28 00:00:00

Linux Kernel Dirty COW PTRACE_POKEDATA Privilege Escalation

2016-11-25 00:00:00

cve

CVE-2016-5195

2016-11-10 21:59:00

CVE-2016-3919

2016-11-25 18:59:00

canvas

Immunity Canvas: LINUX_FOLL_WRITE_COW

2016-11-10 21:59:00

fortinet

Linux Kernel Dirty Cow Vulnerability

2016-11-09 00:00:00

prion

Race condition

2016-11-10 21:59:00

Design/Logic Flaw

2016-11-25 18:59:00

vmware

VMware product updates address local privilege escalation vulnerability in Linux kernel

2016-11-09 00:00:00

cisa_kev

Linux Kernel Race Condition Vulnerability

2022-03-03 00:00:00

amazon

Critical: kernel

2016-10-20 04:11:00

redhatcve

CVE-2017-1000405

2017-11-30 07:49:34

malwarebytes

Linux “Dirty Pipe” vulnerability gives unprivileged users root access

2022-03-11 14:38:30

kitploit

K0Otkit - Universal Post-Penetration Technique Which Could Be Used In Penetrations Against Kubernetes Clusters

2022-05-31 12:30:00

mageia

Updated kernel packages fixes security vulnerabilities

2016-10-20 22:31:18

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

0.879 High

EPSS

Percentile

98.4%

JSON

Related for VMSA-2016-0018