CVE-2016-5195

critical-risk
Published 2016-11-10

Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."

Do I need to act?

!
94.2% chance of exploitation in next 30 days
EPSS score — higher than 6% of all CVEs
!
CISA KEV: actively exploited in the wild
On the Known Exploited Vulnerabilities catalog — federal agencies must patch
!
5 public exploits available
40616, 40847, 40838 and 2 more
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.0/10 High
LOCAL / HIGH complexity

Affected Products (20)

Affected Vendors

Linux Canonical Debian Redhat Fedoraproject Netapp Paloaltonetworks

References (254)

Third Party Advisory http://fortiguard.com/advisory/FG-IR-16-063
Issue Tracking http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=19be0e...
Third Party Advisory http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10770
Third Party Advisory http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10774
Third Party Advisory http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10807
Mailing List http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00034.html
Mailing List http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00035.html
Mailing List http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00036.html
Mailing List http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00038.html
Mailing List http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00039.html
Mailing List http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00040.html
Mailing List http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00045.html
Mailing List http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00048.html
Mailing List http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00049.html
Mailing List http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00050.html
Mailing List http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00051.html
Mailing List http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00052.html
Mailing List http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00053.html
Mailing List http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00054.html
Mailing List http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00055.html
and 234 more references
75
/ 100
critical-risk
Severity 18/34 · Moderate
Exploitability 34/34 · Critical
Exposure 23/34 · High